[openssl-users] Question as to best options....

Tue Dec 26 19:14:16 UTC 2017

So if you put locks around the SSL_CTX object when it’s used, then you can use the set private key call to update the key; and then all SSL_new objects afterwards will use the new credentials.  Does that meet your need?

> "is there a decent way to convert a PEM or DER private key file into ASN.1" using OpenSSL calls (from a "C" program, not from the command line; we'll assume I have the key and cert files already.)

I assume you mean “native C structure” and not ASN1?  Because DER is just the ASN1 serialized, and PEM is base64 encoded DER with marker lines. …
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20171226/f9d78fbe/attachment.html>