SSL_CTX_set_cert_store(3)   OpenSSL   SSL_CTX_set_cert_store(3)





NAME
       SSL_CTX_set_cert_store, SSL_CTX_get_cert_store - manipu-
       late X509 certificate verification storage

SYNOPSIS
        #include <openssl/ssl.h>

        void SSL_CTX_set_cert_store(SSL_CTX *ctx, X509_STORE *store);
        X509_STORE *SSL_CTX_get_cert_store(SSL_CTX *ctx);

DESCRIPTION
       SSL_CTX_set_cert_store() sets/replaces the certificate
       verification storage of ctx to/with store. If another
       X509_STORE object is currently set in ctx, it will be
       X509_STORE_free()ed.

       SSL_CTX_get_cert_store() returns a pointer to the cur-
       rent certificate verification storage.

NOTES
       In order to verify the certificates presented by the
       peer, trusted CA certificates must be accessed. These CA
       certificates are made available via lookup methods, han-
       dled inside the X509_STORE. From the X509_STORE the
       X509_STORE_CTX used when verifying certificates is cre-
       ated.

       Typically the trusted certificate store is handled indi-
       rectly via using SSL_CTX_load_verify_locations(3).
       Using the SSL_CTX_set_cert_store() and
       SSL_CTX_get_cert_store() functions it is possible to
       manipulate the X509_STORE object beyond the
       SSL_CTX_load_verify_locations(3) call.

       Currently no detailed documentation on how to use the
       X509_STORE object is available. Not all members of the
       X509_STORE are used when the verification takes place.
       So will e.g. the verify_callback() be overridden with
       the verify_callback() set via the SSL_CTX_set_verify(3)
       family of functions.  This document must therefore be
       updated when documentation about the X509_STORE object
       and its handling becomes available.

RETURN VALUES
       SSL_CTX_set_cert_store() does not return diagnostic out-
       put.

       SSL_CTX_get_cert_store() returns the current setting.

SEE ALSO
       ssl(3), SSL_CTX_load_verify_locations(3),
       SSL_CTX_set_verify(3)



0.9.7c                     2002-06-04 SSL_CTX_set_cert_store(3)
