MirOS Manual: SSL_CTX_get_cert_store(3), SSL_CTX_set_cert_store(3)


SSL_CTX_SET_CERT_STORE(3)    OpenSSL    SSL_CTX_SET_CERT_STORE(3)

NAME

     SSL_CTX_set_cert_store, SSL_CTX_get_cert_store - manipulate
     X509 certificate verification storage

SYNOPSIS

      #include <openssl/ssl.h>

      void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store);
      X509_STORE *SSL_CTX_get_cert_store(const SSL_CTX *ctx);

DESCRIPTION

     SSL_CTX_set_cert_store() sets/replaces the certificate
     verification storage of ctx to/with store. If another
     X509_STORE object is currently set in ctx, it will be
     X509_STORE_free()ed.

     SSL_CTX_get_cert_store() returns a pointer to the current
     certificate verification storage.

NOTES

     In order to verify the certificates presented by the peer,
     trusted CA certificates must be accessed. These CA certifi-
     cates are made available via lookup methods, handled inside
     the X509_STORE. From the X509_STORE the X509_STORE_CTX used
     when verifying certificates is created.

     Typically the trusted certificate store is handled
     indirectly via using SSL_CTX_load_verify_locations(3). Using
     the SSL_CTX_set_cert_store() and SSL_CTX_get_cert_store()
     functions it is possible to manipulate the X509_STORE object
     beyond the SSL_CTX_load_verify_locations(3) call.

     Currently no detailed documentation on how to use the
     X509_STORE object is available. Not all members of the
     X509_STORE are used when the verification takes place. So
     will e.g. the verify_callback() be overridden with the
     verify_callback() set via the SSL_CTX_set_verify(3) family
     of functions. This document must therefore be updated when
     documentation about the X509_STORE object and its handling
     becomes available.

RETURN VALUES

     SSL_CTX_set_cert_store() does not return diagnostic output.

     SSL_CTX_get_cert_store() returns the current setting.

SEE ALSO

     ssl(3), SSL_CTX_load_verify_locations(3),
     SSL_CTX_set_verify(3)

MirOS BSD #10-current      2005-04-29                           1

Generated on 2012-02-20 02:47:02 by $MirOS: src/scripts/roff2htm,v 1.70 2011/12/03 18:21:12 tg Exp $

These manual pages and other documentation are copyrighted by their respective writers; their source is available at our CVSweb, AnonCVS, and other mirrors. The rest is Copyright © 2002‒2011 The MirOS Project, Germany.
This product includes material provided by Thorsten Glaser.

This manual page’s HTML representation is supposed to be valid XHTML/1.1; if not, please send a bug report – diffs preferred.