generic-library/poco
1
0
Fork 0
mirror of https://github.com/pocoproject/poco.git synced 2025-10-16 18:56:52 +02:00
Code Issues Projects Releases Wiki Activity

Improve ssl context, include a function to add CA certificates.

Browse Source
This commit is contained in:
Joerg-Christian Boehme
2018-03-04 21:24:58 +01:00
parent 181fc0eea3
commit 4c05d4baf7
2 changed files with 22 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
NetSSL_OpenSSL/include/Poco/Net/Context.h
View File

@@ -210,6 +210,9 @@ public:
~Context();
/// Destroys the Context.
void addCertificateAuthority(const Poco::Crypto::X509Certificate& certificate);
/// Add one trusted certification authority to be used by the Context.
void useCertificate(const Poco::Crypto::X509Certificate& certificate);
/// Sets the certificate to be used by the Context.
///

19
NetSSL_OpenSSL/src/Context.cpp
View File

@@ -185,6 +185,25 @@ void Context::init(const Params& params)
}
void Context::addCertificateAuthority(const Crypto::X509Certificate &certificate)
{
if (X509_STORE* store = SSL_CTX_get_cert_store(_pSSLContext))
{
int errCode = X509_STORE_add_cert(store, const_cast<X509*>(certificate.certificate()));
if (errCode != 1)
{
std::string msg = Utility::getLastError();
throw SSLContextException("Cannot add certificate authority for Context", msg);
}
}
else
{
std::string msg = Utility::getLastError();
throw SSLContextException("Cannot add certificate authority for Context", msg);
}
}
void Context::useCertificate(const Poco::Crypto::X509Certificate& certificate)
{
int errCode = SSL_CTX_use_certificate(_pSSLContext, const_cast<X509*>(certificate.certificate()));