hi Henson, Thanx for the suggestion. I tried the following Code : unsigned char CA_cert[811]={ 0x30,0x82,0x03,0x27,0x30,0x82.....};
/* load our CA cert into the certificate chain */ c = CA_cert; x = d2i_X509(NULL,&c,(long) sizeof(CA_cert)); if( x == NULL ){ goto end; } cert_store=SSL_CTX_get_cert_store(ctx); X509_STORE_add_cert(cert_store,x); if(x != NULL) X509_free(x); This code is working fine but i see a memory leak in this part of the code. I am loosing 2048 bytes on heap every time i exit out. I tried commenting this code and everything is ok.. Please can you tell the what Cleanup procedure am i missing here? thankyou, raj --- "Dr. Stephen Henson" <[EMAIL PROTECTED]> wrote: > On Wed, Mar 26, 2003, rajagopalan ramanujam wrote: > > > hi, > > > > I have tested the SSL handshake but failing when > > verifying server certificate > > X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY. I > > generated the self signed CA and used the same > CAcert > > to verify using openssl verify and also using > openssl > > s_client -verify 1 -CAfile and it seems to be > working > > perfectly ok. > > > > Since i dont have a file system on embedded > platform i > > cannot use SSL_CTX_load_verify_locations(). > > > > I have converted the CAcert file from base64 > format > > to C structure using openssl utility and i am > calling > > SSL_CTX_use_certificate(ctx,x). Still i see that > there > > is an error some where. I tried calling > > SSL_CTX_add_extra_chain_cert, but did not help. > > > > You need to retrieve the trusted certificate store > using SSL_CTX_get_store() > and then add the certificate to it using > X509_STORE_add_cert(). > > Steve. > -- > Dr Stephen N. Henson. > Core developer of the OpenSSL project: > http://www.openssl.org/ > Freelance consultant see: > http://www.drh-consultancy.demon.co.uk/ > Email: [EMAIL PROTECTED], PGP key: > via homepage. > ______________________________________________________________________ > OpenSSL Project > http://www.openssl.org > User Support Mailing List > [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] __________________________________________________ Do you Yahoo!? Yahoo! Tax Center - File online, calculators, forms, and more http://tax.yahoo.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]