C++/OpenSSL: Use root CA from buffer rather than file (SSL_CTX_load_verify_locations)

后端 未结 1 570
感动是毒
感动是毒 2020-12-31 09:53

I am using OpenSSL to verify a server\'s certificate. Since OpenSSL is shipped without any built-in root CAs, we must distribute the root CA certificate ourselves with our

相关标签:
1条回答
  • 2020-12-31 10:52

    The function SSL_CTX_get_cert_store() can be used to get a handle to the certificate store used for verification (X509_STORE *), and the X509_STORE_add_cert() function (in openssl/x509_vfy.h) can then be used to add a certificate directly to that certificate store.

    0 讨论(0)
提交回复
热议问题