im currently writing a server/client system using ssl socket. I use the openssl api.
But i have a little trouble making the necessary certificates. My problem is when the client wants to verify the certificate. And I have found out that the thing that Im missing is the ca file that represents trusted certificates.
On the server, this is the function to use.
Code:
if (!SSL_CTX_load_verify_locations(ctx, "ca.file", 0))
{
fprintf("error message.....");
abort();
}
But i do not know how to create that file.
I made the certificate/private key using the "CA.pl -newcert" command, creating a certificate and private key. This is just a perl script that does the same job as the openssl command tool
What I want, is for that certificate to be a trusted one. The "ca.file" is supposed to contain the certificates that are trusted.
Anyone have any ideas how to produce that ca.file