[openssl-users] Issue with freeing X509

Benjamin Kaduk bkaduk at akamai.com
Tue Oct 17 16:50:04 UTC 2017

On 10/17/2017 11:27 AM, Adi Mallikarjuna Reddy V wrote:
>> I am only worried about the following line. 
>> SSL_CTX_use_certificate(ctx, cert)
>> After this line is it safe to free cert object while ctx is still
>> used later on?

SSL_CTX_use_certificate(ctx, cert), on successful return, takes an
additional reference on the supplied |cert| argument to account for the
pointer in |ctx|.  Thus, the caller of SSL_CTX_use_certificate() can
safely call X509_free(cert) to release the caller's local reference,
while the |ctx| retains a pointer to |cert|.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20171017/aaa6cbb5/attachment.html>

More information about the openssl-users mailing list