[openssl-users] OpenSSL 1.1 X509_STORE sharing

Viktor Dukhovni openssl-users at dukhovni.org
Tue Sep 18 17:04:55 UTC 2018

> On Sep 18, 2018, at 12:30 PM, Maxwell Dreytser <admin at mdtech.us> wrote:
>> X509_STORE_free() decrements a reference count, and frees the object only
>> when the count reaches zero.
> Was this behavior the same in older versions?


> If so, then there is no reason to clear cert_store even in older version, right?

That depends on whether setting the cert_store element was done properly (in a way
that incremented the reference count) or not.  See the documentation of:


the latter does not facilitate sharing the store across multiple SSL_CTX instances.


More information about the openssl-users mailing list