On Sun, 29 Mar 1998, Rick H. Wesson wrote:
> What i would like to do is build them myself,
> i'm writing a CORBA based CA using my own
> datastore [metakit] for keepaing all the info
> about the certs.
The certs are retrived in the ssl3_output_cert_chain() function
(ssl/s3_both.c).
X509_STORE_CTX_init()
X509_STORE_get_by_subject()
calls are used to retrive certificates, using the relevent
methods loaded into the X509_STORE.
SSL_CTX_set_default_verify_paths() and
SSL_CTX_load_verify_locations() call the
X509_STORE_load_locations() function which loads the default 'cert file' and
'cert directory' lookup methods. You want to replace the functionality of
these functions with your own certificate retrieval method.
The 2 inbuild cert retrieval methods are X509_LOOKUP_file()
and X509_LOOKUP_hash_dir().
crypto/x509/by_dir.c and crypto/x509/by_file.c contain the code to look at.
eric (doing a rather cryptic response :-)
+-------------------------------------------------------------------------+
| Administrative requests should be sent to [EMAIL PROTECTED] |
| List service provided by Open Software Associates, http://www.osa.com/ |
+-------------------------------------------------------------------------+
