[openssl-users] Loading CA from memory

Jakob Bohm jb-openssl at wisemo.com
Tue Feb 20 15:53:48 UTC 2018

On 20/02/2018 16:38, Devchandra L Meetei wrote:
> I have been looking for  API like `SSL_CTX_load_verify_mem` which will 
> load
> CA[s] from mem buffer.
> Looks like OpenSSL does not have it yet, Is there any other way to 
> work around
> this ?
I think it can be done step by step, at least in 1.0.x:

First allocate an empty STACK_OF X509 certificates

Then loop over your in-memory CA certificates, passing each to d2i_X509, 
then adding the resulting X509 object to the stack.

Finally pass that stack as the CA collection to an appropriate SSL_CTX 


Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

More information about the openssl-users mailing list