[prev in list] [next in list] [prev in thread] [next in thread]
List: openssl-users
Subject: Re: Validating Cert Chain
From: Marek Marcola <Marek.Marcola () malkom ! pl>
Date: 2006-08-30 11:10:03
Message-ID: 1156936203.3360.46.camel () nx9010
[Download RAW message or body]
Hello,
> i have a question about this following method
>
> int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
> X509 *x509, STACK_OF(X509) *chain);
>
> if i understand this correctly the argument 'x509' is the cert that u want
> to be verified & the 'chain' is the chain of untrusted certificates(leading
> up to a cert that is trusted or root, right ?).
> So i one calls X509_verify_cert(X509_STORE_CTX); it would verify the x509
> cert specified as well as all the chain. is that correct ?
> also how do i get a STACK_OF(X509) from files containg pem certs ?
yes, look at function load_untrusted in OpenSSL apps/verify.c
Best regards,
--
Marek Marcola <Marek.Marcola@malkom.pl>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majordomo@openssl.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic