我試圖將這兩個證書都放到X509_STORE_CTX中,但是當我讀出它們時,它們都是NULL。有任何想法嗎?將SSL證書字符串轉換爲有效的X509_STORE_CTX
的證書看起來像:
// Not the real certs. Just trying to illustrate that the certs are just a new line
// delimited string
const char *certA = "-----BEGIN CERTIFICATE-----\nMIIGWDCCBUCgAwI......\n.....\n"
SSL_library_init();
SSL_CTX * sslCtx = SSL_CTX_new(SSLv23_client_method());
X509_STORE *store = SSL_CTX_get_cert_store(sslCtx);
X509_STORE_CTX *store_ctx = X509_STORE_CTX_new();
BIO *bio;
X509 *certificate;
/*First cert*/
bio = BIO_new(BIO_s_mem());
BIO_write(bio,(const void*)certA ,sizeof(certA));
certificate = PEM_read_bio_X509(bio, NULL, NULL, NULL);
X509_STORE_add_cert(store, certificate);
/*second cert*/
bio = BIO_new(BIO_s_mem());
BIO_write(bio,(const void*)certB ,sizeof(certB));
certificate = PEM_read_bio_X509(bio, NULL, NULL, NULL);
X509_STORE_add_cert(store, certificate);
X509_STORE_CTX_init(store_ctx, store, NULL, NULL);
您無法將X509證書轉換爲「X509_STORE_CTX」。你真的想做什麼?此問題向您顯示如何通過'X509_STORE_CTX'驗證證書:[檢查文件是證書還是密鑰](https://stackoverflow.com/questions/22398477/check-that-a-file-is-certificate - 或一個鍵)。不要讓這個問題的標題欺騙你。 – jww