Re: SSL_CTX ignores many X509_STORE fields and uses own fields

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Fri, Aug 17, 2018 at 11:25:01PM +1000, Daurnimator wrote:

> > When looking into https://github.com/wahern/luaossl/issues/140 I was
> > surprised to learn that an SSL_CTX* (and SSL*) does not use many of
> > the X509_STORE members.

There are no plans to change the design.  You can set the verification
store associated with the SSL_CTX via:

	SSL_CTX_set0_verify_cert_store(3)
    or
	SSL_CTX_set1_verify_cert_store(3)

do this early, before using the SSL_CTX to create SSL handles with
SSL_new().  Configure the store properties as you see fit.

-- 
	Viktor.
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux