try this function:int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, const char *CApath); You can pass either a file path or a folder that contains a few CA files. Also, you can try to set the environment variable "SSL_CERT_FILE"=your file path,which will make openssl load the CA file automatically.
At 2011-02-11 00:07:27,"Lennart van den Dool | fonq.nl" <lennart.vandend...@fonq.nl> wrote: Hi, I can’t figure this out and I’ve been searching the net for hours, so I hope someone can help. I want to make an ldaps connection to a remote server, but issuing openssl s_client -ssl3 -connect [domain]:636 -state -verify results in: Verify return code: 20 (unable to get local issuer certificate). When I specify the -CAfile /etc/ssl/certs/AddTrust_External_CA_Root.pem it works fine. How can I make openssl use (trust) that CAfile automatically? Thanks in advance! Regards, Lennart
