Jump to content

OpenSSL/Verify callbacks

From Wikibooks, open books for an open world
/* This is helpful for debugging the unhelpful error
 * "unable to get local issuer certificate", which could mean
 * almost anything.  But, unfortunately, this is a little too
 * verbose for normal use. */
X509_VERIFY_PARAM *vp = X509_VERIFY_PARAM_new ();
if (1 != X509_VERIFY_PARAM_set_flags (vp, X509_V_FLAG_CB_ISSUER_CHECK))
  error ();
if (1 != SSL_CTX_set1_param (context, vp))
  error ();
X509_VERIFY_PARAM_free (vp);