[openssl-users] Loading CA from memory

Devchandra L Meetei dlmeetei at gmail.com
Wed Feb 21 04:54:50 UTC 2018


Thanks Viktor
As usual, Your answer throws light. Now, it is time to get started.
Will revert if got obstructed on the way

On Wed, Feb 21, 2018 at 9:58 AM, Viktor Dukhovni <openssl-users at dukhovni.org
> wrote:

>
>
> > On Feb 20, 2018, at 12:58 PM, Devchandra L Meetei <dlmeetei at gmail.com>
> wrote:
> >
> > By the way, Is there any plan to port SSL_CTX_load_verify_mem to openssl?
>
> The basic functionality is already there:
>
> If you want to parse in-memory PEM, see the use of
> PEM_X509_INFO_read_bio() [needs documentation] at:
>
>    https://github.com/openssl/openssl/blob/master/apps/crl2p7.c#L179
>
> if have a PKCS7 DER or PEM structure, there are suitable functions for
> pulling
> out a chain from that.  Then you can set a "trusted stack" for your
> X509_STORE_CTX.
>
> --
>         Viktor.
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>



-- 
Warm Regards
--Dev
OpenPegasus Developer

"I'm one of those people that think Thomas Edison and the light bulb
changed the world more than Karl Marx ever did,” Steve Jobs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180221/8ee9d87b/attachment.html>


More information about the openssl-users mailing list