[openssl-users] Loading CA from memory
Devchandra L Meetei
dlmeetei at gmail.com
Tue Feb 20 17:58:21 UTC 2018
Thanks Jakob for the hint
Let me try out the suggested approach.
By the way, Is there any plan to port SSL_CTX_load_verify_mem to openssl?
On Tue, Feb 20, 2018 at 9:23 PM, Jakob Bohm <jb-openssl at wisemo.com> wrote:
> On 20/02/2018 16:38, Devchandra L Meetei wrote:
>
>> I have been looking for API like `SSL_CTX_load_verify_mem` which will
>> load
>> CA[s] from mem buffer.
>>
>> Looks like OpenSSL does not have it yet, Is there any other way to work
>> around
>> this ?
>>
>>
>> I think it can be done step by step, at least in 1.0.x:
>
> First allocate an empty STACK_OF X509 certificates
>
> Then loop over your in-memory CA certificates, passing each to d2i_X509,
> then adding the resulting X509 object to the stack.
>
> Finally pass that stack as the CA collection to an appropriate SSL_CTX
> function.
>
>
> Enjoy
>
> Jakob
> --
> Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
> Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
> This public discussion message is non-binding and may contain errors.
> WiseMo - Remote Service Management for PCs, Phones and Embedded
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
--
Warm Regards
--Dev
OpenPegasus Developer
"I'm one of those people that think Thomas Edison and the light bulb
changed the world more than Karl Marx ever did,” Steve Jobs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180220/06a0d4e4/attachment.html>
More information about the openssl-users
mailing list