On Tue, Mar 11, 2003, rajagopalan ramanujam wrote: > > hi, > > I am having a problem when reading a certificate and > private key from a memory buffer instead of a file. > i am using d2i_X509(NULL,&cert,strlen(cert)) to read > the certificate string which was defined in one of > .pem > file. Should i use SSL_CTX_use_certificate_ASN1 > instead??? Please help me..... > > copied from server.pem file > unsigned char * cert > ="MIIDDzCCAs2gAwIBAgICA............Qw=="; > unsigned char * key = > "y5qH6Q0Nvb5SUcJEYY...........p6=="; >
You can only use d2i_X509() with the DER (binary) form of the certificate. Since this can contain embedded zeroes strlen() is not usable, you need a separate length parameter. The -C option of the 'x509' utility can translate a certificate into appropriate C code. For other things like private keys you need to translate them yourself. Something like the Unix utility xxd on the binary form can do that. The stuff you have looks like base64 form with all the newlines deleted. That isn't parseable directly. If you'd included all the newlines then you could use the standard PEM routines with a memory BIO. Steve. -- Dr Stephen N. Henson. Core developer of the OpenSSL project: http://www.openssl.org/ Freelance consultant see: http://www.drh-consultancy.demon.co.uk/ Email: [EMAIL PROTECTED], PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]