OCSP_basic_verify certs

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

OCSP_basic_verify certs

Murugesh
Hi,

I am implementing the OCSP for my application. Have a doubt on the
'certs' argument for the API "OCSP_basic_verify":

int OCSP_basic_verify(OCSP_BASICRESP *bs, STACK_OF(X509) *certs,
                                X509_STORE *st, unsigned long flags);

Here the second argument 'certs'. I understand we need to push the
below to this STACK_OF(X509):

1) Issuer certificate
2) Signature CA certificates - to support trusted responder model

I have multiple signature CA certificates as individual PEM format
files (say 5 PEM files), inside a directory (say
/config/ssl/signature-ca).

How can i push all these 5 signature CA certs to this STACK_OF (X509)
using sk_X509_push ?

Any openSSL library API is there to push all files from a directory to
this STACK_OF(X509) ?

Thanks & Regards,
Murugesh P.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users