I am using OpenSSL to verify a server\'s certificate. Since OpenSSL is shipped without any built-in root CAs, we must distribute the root CA certificate ourselves with our
The function SSL_CTX_get_cert_store() can be used to get a handle to the certificate store used for verification (X509_STORE *), and the X509_STORE_add_cert() function (in openssl/x509_vfy.h) can then be used to add a certificate directly to that certificate store.