Hey guys, I am a newbie to secure sockets, but understand the theory enough to be able to implement SSL on top of libCurl. I am trying to communicate over SSL with a HTTPS server. I have been given a self-signed CA certificate as a const char* stream (no file system available), and am struggling to get the handshaking working (am getting this error: X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT) The CA Certificate is in PEM format, and I cannot find methods to convert that certificate (via code) to DER so that I can add the cert to the root chain. E.g. I want to do this...  X509 *x509 = NULL;  unsigned char *c;  c = server_cert_der;  x509 = d2i_X509( NULL, &c, (long) sizeof( server_cert_der ) );  if( x509 == NULL ){   printf("ERROR: failed to d2i_X509\n");  }  if( !SSL_CTX_add_extra_chain_cert( ctx, x509 ) ){   printf("ERROR: failed to SSL_CTX_add_extra_chain_cert\n");  } Does anyone know how to perform any of the following: A) Convert the .PEM string to .DER so I can perform the above B) Use routines within openSSL so I can add the cert as a PEM and avoid any conversion step. Thanks in advance, -twelves

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2010-11-29