Sortix cross-nightly manual
This manual documents Sortix cross-nightly. You can instead view this document in the latest official manual.
NAME
SSL_CTX_load_verify_locations, SSL_CTX_set_default_verify_paths — set default locations for trusted CA certificatesSYNOPSIS
#include <openssl/ssl.h>SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, const char *CApath);
SSL_CTX_set_default_verify_paths(SSL_CTX *ctx);
DESCRIPTION
SSL_CTX_load_verify_locations() specifies the locations for ctx, at which CA certificates for verification purposes are located. The certificates available via CAfile and CApath are trusted.-----BEGIN CERTIFICATE----- ... (CA certificate in base64 encoding) ... -----END CERTIFICATE-----
RETURN VALUES
For SSL_CTX_load_verify_locations(), the following return values can occur:- 0
- The operation failed because CAfile and CApath are NULL or the processing at one of the locations specified failed. Check the error stack to find out the reason.
- 1
- The operation succeeded.
EXAMPLES
Generate a CA certificate file with descriptive text from the CA certificates ca1.pem ca2.pem ca3.pem:#!/bin/sh rm CAfile.pem for i in ca1.pem ca2.pem ca3.pem; do openssl x509 -in $i -text >> CAfile.pem done
$ cd /some/where/certs $ rm -f *.[0-9]* *.r[0-9]* $ for c in *.pem; do > [ "$c" = "*.pem" ] && continue > hash=$(openssl x509 -noout -hash -in "$c") > if egrep -q -- '-BEGIN( X509 | TRUSTED | )CERTIFICATE-' "$c"; then > suf=0 > while [ -e $hash.$suf ]; do suf=$(( $suf + 1 )); done > ln -s "$c" $hash.$suf > fi > if egrep -q -- '-BEGIN X509 CRL-' "$c"; then > suf=0 > while [ -e $hash.r$suf ]; do suf=$(( $suf + 1 )); done > ln -s "$c" $hash.r$suf > fi > done