Unable to load self-signed certificate

radiatejava radiatejava at gmail.com
Wed Jul 27 15:14:57 UTC 2022

Hello experts
I used to load a self-signed cert using a program like below:

X509_STORE_set_verify_cb_func(lCertCtx, UserCert_cb_check_cert);
lLookup = X509_STORE_add_lookup(lCertCtx, X509_LOOKUP_file());
error = X509_LOOKUP_load_file(lLookup, NULL, X509_FILETYPE_DEFAULT);

It was all working great till I was on openssl 1.0.2k.
We have shifted to openssl 1.0.2u and now the call
X509_LOOKUP_load_file(..) for self-siged cert is not working. Somehow
it seems to be looking for a default CA certificate. This is the error
I get:

533:error:02001002:system library:fopen:No such file or
533:error:2006D080:BIO routines:BIO_new_file:no such
file:bss_file.c:182: 533:error:0B084002:x509 certificate
routines:X509_load_cert_crl_file:system lib:by_file.c:254:
533:error:0B065068:x509 certificate routines:BY_FILE_CTRL:loading

I do not have any /usr/lib/ssl/cert.pem file on my system. I am on ubuntu 20.04.

Appreciate your help!

More information about the openssl-users mailing list