Overview
Examples
Screenshots
Comparisons
Applications
Download
Documentation
Tutorials
Bazaar
Status & Roadmap
FAQ
Authors & License
Forums
Funding Ultimate++
Search on this site
Search in forums












SourceForge.net Logo
Home » U++ Library support » U++ MT-multithreading and servers » SSLSocket VerifyPeer -> how to set trusted CAs?
SSLSocket VerifyPeer -> how to set trusted CAs? [message #7242] Tue, 19 December 2006 12:08 Go to next message
fallingdutch is currently offline  fallingdutch
Messages: 258
Registered: July 2006
Experienced Member
Hi
at the moment i am looking around for a way to set my own CA to be trusted.

The openssl function is:
int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, const char *CApath);


And now i am wondering wether there is another way or it is not yet implemented?

Bas

Report message to a moderator

Re: SSLSocket VerifyPeer -> how to set trusted CAs? [message #7265 is a reply to message #7242] Tue, 19 December 2006 22:17 Go to previous messageGo to next message
rylek is currently offline  rylek
Messages: 79
Registered: November 2005
Member
Hello!

You're right, there is currently no wrapper for the function you mentioned. To be honest, when implementing the SSL wrapper I felt rather overwhelmed with the broad range of various structures and functions the SSL library offers. As I had no clear idea which ones were really important, I chose a minimalistic approach, wrapping only as much as I felt absolutely necessary to make the SSL socket up and running. I think some time ago I posted somewhere here a code snippet demonstrating SSL initialization within one of my commercial applications, which showed this very clearly.

Regards

Tomas

Report message to a moderator

Re: SSLSocket VerifyPeer -> how to set trusted CAs? [message #7267 is a reply to message #7265] Tue, 19 December 2006 22:30 Go to previous message
fallingdutch is currently offline  fallingdutch
Messages: 258
Registered: July 2006
Experienced Member
Yes, Thomas, you did paste such a code, i remembered it, too and it was the same i am using for XmlRpc, so i was pretty glad that i understood your SSL implementation.

Will you extend the SSL Socket implementation or do you want to keep it the way it is?
I thought of another function, too SSL_CTX_use_certificate_file and SSL_CTX_use_PrivateKey_file eg by UseCertificateFile()

If you want i can send Mirek a patch to patch the SSL implementation.

Bas

Report message to a moderator

Previous Topic: Socket: how to check wether new data arrived? timeout = NULL?
Next Topic: Simulation in its own thread.
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Wed Apr 24 17:52:55 CEST 2024

Total time taken to generate the page: 0.02644 seconds
.:: Contact :: Home ::.

Powered by: FUDforum 3.0.5.
Copyright ©2001-2013 FUDforum Bulletin Board Software