im currently writing a server/client system using ssl socket. I use the openssl api.
But i have a little trouble making the necessary certificates. My problem is when the client wants to verify the certificate. And I have found out that the thing that Im missing is the ca file that represents trusted certificates.
On the server, this is the function to use.
if (!SSL_CTX_load_verify_locations(ctx, "ca.file", 0))
But i do not know how to create that file.
I made the certificate/private key using the "CA.pl -newcert" command, creating a certificate and private key. This is just a perl script that does the same job as the openssl command tool
What I want, is for that certificate to be a trusted one. The "ca.file" is supposed to contain the certificates that are trusted.
Anyone have any ideas how to produce that ca.file