[openssl-users] Loading CA from memory
Viktor Dukhovni
openssl-users at dukhovni.org
Wed Feb 21 04:28:03 UTC 2018
> On Feb 20, 2018, at 12:58 PM, Devchandra L Meetei <dlmeetei at gmail.com> wrote:
>
> By the way, Is there any plan to port SSL_CTX_load_verify_mem to openssl?
The basic functionality is already there:
If you want to parse in-memory PEM, see the use of PEM_X509_INFO_read_bio() [needs documentation] at:
https://github.com/openssl/openssl/blob/master/apps/crl2p7.c#L179
if have a PKCS7 DER or PEM structure, there are suitable functions for pulling
out a chain from that. Then you can set a "trusted stack" for your X509_STORE_CTX.
--
Viktor.
More information about the openssl-users
mailing list