generic-library/poco
1
0
Fork 0
mirror of https://github.com/pocoproject/poco.git synced 2025-02-23 15:14:37 +01:00
Code Issues Projects Releases Wiki Activity

Merge pull request #2197 from Bjoe/feature-Add_ca_into_ssl_context

Browse Source 
Improve SSL Context, include a function to add certificate authority
This commit is contained in:
Günter Obiltschnig 2018-03-05 19:51:07 +01:00 committed by GitHub
commit a2322be390
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
NetSSL_OpenSSL/include/Poco/Net/Context.h
View File

@ -210,6 +210,9 @@ public:
~Context();
/// Destroys the Context.
void addCertificateAuthority(const Poco::Crypto::X509Certificate& certificate);
/// Add one trusted certification authority to be used by the Context.
void useCertificate(const Poco::Crypto::X509Certificate& certificate);
/// Sets the certificate to be used by the Context.
///

19
NetSSL_OpenSSL/src/Context.cpp
View File

@ -185,6 +185,25 @@ void Context::init(const Params& params)
}
void Context::addCertificateAuthority(const Crypto::X509Certificate &certificate)
{
if (X509_STORE* store = SSL_CTX_get_cert_store(_pSSLContext))
{
int errCode = X509_STORE_add_cert(store, const_cast<X509*>(certificate.certificate()));
if (errCode != 1)
{
std::string msg = Utility::getLastError();
throw SSLContextException("Cannot add certificate authority for Context", msg);
}
}
else
{
std::string msg = Utility::getLastError();
throw SSLContextException("Cannot add certificate authority for Context", msg);
}
}
void Context::useCertificate(const Poco::Crypto::X509Certificate& certificate)
{
int errCode = SSL_CTX_use_certificate(_pSSLContext, const_cast<X509*>(certificate.certificate()));