Click here to Skip to main content
15,846,004 members
Please Sign up or sign in to vote.
0.00/5 (No votes)
See more:
I am using this code:

C++
void check_cert(SSL* ssl)
{

//ssl initiation
SSL_library_init();
SSL_load_error_strings();
const SSL_METHOD *meth;
meth = SSLv3_method();
SSL_CTX *ctx;
SSL *_ssl;
ctx = SSL_CTX_new(meth);
int result = 0;
//getting the CA certificate

result = SSL_CTX_load_verify_locations(ctx1, "cacert.pem", NULL);
//result = SSL_CTX_load_verify_locations(ctx, NULL, "/home/cdac/Desktop/test/cert");
printf("\nCA load result = %d", result);

//_ssl = SSL_new(ctx);
SSL_CTX_set_verify(ctx1, SSL_VERIFY_PEER, NULL);

SSL_CTX_set_verify_depth(ctx1, 1);
int result_long = SSL_get_verify_result(ssl);
printf("\nCertificate Check Result: %d", result_long);
if (SSL_get_verify_result(ssl) != X509_V_OK)
    {
        printf("\nCertiticate Verification Failed\n");
        //exit(1);
    }
    else
    {
        printf("\nCertiticate Verification Succeeded");
    }
}



cacert.pem is the CA certificate. When i execute this I get this:

CA load result = 1
Certificate Check Result: 20
Certiticate Verification Failed


Code 20 means:

X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY: unable to get local issuer certificate

the issuer certificate could not be found: this occurs if the issuer certificate of an untrusted certificate cannot be found.


So can anyone help me? Where this fails?

The CA certificate is loading fine. (The load result returns 1).
Posted

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900