[openssl-users] passing CA bundle as buffer, instead of file path, to X509_STORE_CTX_ functions

J Decker d3ck0r at gmail.com
Tue Sep 4 15:11:05 UTC 2018


You can use a BIO_new( BIO_s_mem() ) to feed the memory through
BIO_writeand  PEM_read_bio_X509

something like ...
https://github.com/d3x0r/SACK/blob/master/src/netlib/ssl_layer.c#L780

On Tue, Sep 4, 2018 at 8:07 AM Eli Golosovsky <ilya.golosovsky at gmail.com>
wrote:

> Is there an option, in *OpenSSL 1.1.1*, to load a CA bundle from memory
> (buffer / string) instead of loading it from a file?
>
> From my experience, loading a CA bundle can be achieved by using the
> *X509_STORE_CTX_* functions, on an *X509_STORE_CTX* object, representing
> the certificate, and finalizing with *X509_verify_cert*. But I know of no
> way to load the CA bundle not from disk.
>
> Thanks in advance,
> Ilya Golosovsky
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180904/ce581da6/attachment.html>


More information about the openssl-users mailing list