[openssl-users] OpenSSL 1.1.0: How to get X509_STORE from X509_LOOKUP?

Matt Caswell matt at openssl.org
Tue Jun 12 10:32:21 UTC 2018

On 12/06/18 10:58, Stephan Mühlstrasser wrote:
> In OpenSSL 1.0.2 this was no problem as the "X509_STORE *store_ctx"
> member of the X509_LOOKUP structure was directly accessible. But in
> OpenSSL 1.1.0 the X509_LOOKUP structure is opaque, and as far as I can
> see there is no API function available that would retrieve the
> X509_STORE pointer from a X509_LOOKUP pointer.
> Is this intentional, or was this an omission when making the X509_LOOKUP
> structure opaque in OpenSSL 1.1.0?

It was an omission that is fixed in the latest dev version of OpenSSL
1.1.0. See this commit:


This will be in 1.1.0i when it gets released (no released date as yet).


More information about the openssl-users mailing list