[openssl-users] OpenSSL 1.1 X509_STORE sharing

admin at mdtech.us admin at mdtech.us
Tue Sep 18 16:12:49 UTC 2018


I have some legacy code that I am updating for 1.1 and there they set 
SSL_CTX::cert_store to NULL before `SSL_CTX_free`. Is this neccessary 
for the X509_STORE to be shared between contexts?
Note that this still has to be buildable on 1.0 with the same result.
In the docs it says "X509_STORE_free() frees up a single X509_STORE 
object." Does it just decrease the reference count or does it really 
delete the whole thing and break other contexts?


More information about the openssl-users mailing list