/openssl/ |
H A D | CHANGES.md | 15598 * Add the arguments -CAfile and -CApath to the pkcs12 utility. 16994 openssl verify -CAfile ss.pem ss.pem 17295 * Add new -verify -CAfile and -CApath options to the crl program, these 19033 * s_server should send the CAfile as acceptable CAs, not its own cert.
|
/openssl/apps/ |
H A D | cms.c | 294 const char *CAfile = NULL, *CApath = NULL, *CAstore = NULL; in cms_main() local 478 CAfile = opt_arg(); in cms_main() 964 if ((store = setup_verify(CAfile, noCAfile, CApath, noCApath, in cms_main()
|
H A D | crl.c | 89 const char *CAfile = NULL, *CApath = NULL, *CAstore = NULL, *prog; in crl_main() local 143 CAfile = opt_arg(); in crl_main() 223 if ((store = setup_verify(CAfile, noCAfile, CApath, noCApath, in crl_main()
|
H A D | ocsp.c | 238 const char *CAfile = NULL, *CApath = NULL, *CAstore = NULL; in ocsp_main() local 393 CAfile = opt_arg(); in ocsp_main() 801 store = setup_verify(CAfile, noCAfile, CApath, noCApath, in ocsp_main()
|
H A D | pkcs12.c | 178 const char *CApath = NULL, *CAfile = NULL, *CAstore = NULL, *prog; in pkcs12_main() local 338 CAfile = opt_arg(); in pkcs12_main() 396 if (CAfile != NULL) in pkcs12_main() 606 if ((store = setup_verify(CAfile, noCAfile, CApath, noCApath, in pkcs12_main()
|
H A D | req.c | 246 const char *infile = NULL, *CAfile = NULL, *CAkeyfile = NULL; in req_main() local 406 CAfile = opt_arg(); in req_main() 743 CAkeyfile = CAfile; in req_main() 745 if (CAfile == NULL) { in req_main() 751 CAkeyfile != CAfile in req_main() 757 if (CAfile != NULL) { in req_main() 758 if ((CAcert = load_cert_pass(CAfile, FORMAT_UNDEF, 1, passin, in req_main()
|
H A D | s_client.c | 809 const char *CApath = NULL, *CAfile = NULL, *CAstore = NULL; in s_client_main() local 1347 CAfile = opt_arg(); in s_client_main() 1931 if (!ctx_set_verify_locations(ctx, CAfile, noCAfile, CApath, noCApath, in s_client_main()
|
H A D | s_server.c | 992 const char *CApath = NULL, *CAfile = NULL, *CAstore = NULL; in s_server_main() local 1326 CAfile = opt_arg(); in s_server_main() 1965 if (!ctx_set_verify_locations(ctx, CAfile, noCAfile, CApath, noCApath, in s_server_main() 2028 if (!ctx_set_verify_locations(ctx2, CAfile, noCAfile, CApath, in s_server_main() 2222 if (CAfile != NULL) { in s_server_main() 2223 SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile)); in s_server_main() 2226 SSL_CTX_set_client_CA_list(ctx2, SSL_load_client_CA_file(CAfile)); in s_server_main()
|
H A D | s_time.c | 121 char *CApath = NULL, *CAfile = NULL, *CAstore = NULL; in s_time_main() local 175 CAfile = opt_arg(); in s_time_main() 261 if (!ctx_set_verify_locations(ctx, CAfile, noCAfile, CApath, noCApath, in s_time_main()
|
H A D | smime.c | 145 const char *CAfile = NULL, *CApath = NULL, *CAstore = NULL, *prog = NULL; in smime_main() local 331 CAfile = opt_arg(); in smime_main() 533 if ((store = setup_verify(CAfile, noCAfile, CApath, noCApath, in smime_main()
|
H A D | ts.c | 66 const char *CApath, const char *CAfile, 71 const char *CApath, const char *CAfile, 75 static X509_STORE *create_cert_store(const char *CApath, const char *CAfile, 161 const char *CAfile = NULL, *prog; in ts_main() local 271 CAfile = opt_arg(); in ts_main() 342 CApath, CAfile, CAstore, untrusted, in ts_main() 852 const char *CApath, const char *CAfile, in verify_command() argument 873 CApath, CAfile, CAstore, untrusted, in verify_command() 974 static X509_STORE *create_cert_store(const char *CApath, const char *CAfile, in create_cert_store() argument 1000 if (CAfile != NULL) { in create_cert_store() [all …]
|
H A D | verify.c | 87 const char *prog, *CApath = NULL, *CAfile = NULL, *CAstore = NULL; in verify_main() local 132 CAfile = opt_arg(); in verify_main() 202 && (CAfile != NULL || CApath != NULL || CAstore != NULL)) { in verify_main() 209 if ((store = setup_verify(CAfile, noCAfile, CApath, noCApath, in verify_main()
|
H A D | x509.c | 405 CAfile = opt_arg(); in x509_main() 659 CAkeyfile = CAfile; in x509_main() 660 if (CAfile != NULL) { in x509_main() 743 if (CAfile == NULL && sno == NULL) { in x509_main() 775 if (CAfile != NULL) { in x509_main() 817 if (CAfile != NULL) { in x509_main() 843 if (CAfile == NULL) { in x509_main() 902 } else if (CAfile != NULL) { in x509_main() 1113 const char *p = strrchr(CAfile, '.'); in x509_load_serial() 1114 size_t len = p != NULL ? (size_t)(p - CAfile) : strlen(CAfile); in x509_load_serial() [all …]
|
/openssl/apps/include/ |
H A D | apps.h | 156 X509_STORE *setup_verify(const char *CAfile, int noCAfile, 160 const char *CAfile, int noCAfile,
|
/openssl/apps/lib/ |
H A D | apps.c | 140 const char *CAfile, int noCAfile, in ctx_set_verify_locations() argument 144 if (CAfile == NULL && CApath == NULL && CAstore == NULL) { in ctx_set_verify_locations() 155 if (CAfile != NULL && !SSL_CTX_load_verify_file(ctx, CAfile)) in ctx_set_verify_locations() 1320 X509_STORE *setup_verify(const char *CAfile, int noCAfile, in setup_verify() argument 1332 if (CAfile != NULL || !noCAfile) { in setup_verify() 1336 if (CAfile != NULL) { in setup_verify() 1337 if (X509_LOOKUP_load_file_ex(lookup, CAfile, X509_FILETYPE_PEM, in setup_verify() 1339 BIO_printf(bio_err, "Error loading file %s\n", CAfile); in setup_verify()
|
/openssl/demos/bio/ |
H A D | sconnect.c | 31 const char *CAfile = CAFILE; in main() local 44 CAfile = argv[2]; in main() 55 SSL_CTX_load_verify_locations(ssl_ctx, CAfile, NULL); in main()
|
/openssl/demos/certs/apps/ |
H A D | mkacerts.sh | 44 $OPENSSL verify -CAfile root.pem -untrusted intca.pem \
|
/openssl/demos/certs/ |
H A D | ocspquery.sh | 11 $OPENSSL ocsp -issuer intca.pem -cert client.pem -CAfile root.pem \ 13 $OPENSSL ocsp -issuer intca.pem -cert server.pem -CAfile root.pem \ 15 $OPENSSL ocsp -issuer intca.pem -cert rev.pem -CAfile root.pem \ 21 -CAfile root.pem -url http://127.0.0.1:8888/
|
/openssl/doc/man1/ |
H A D | openssl-ocsp.pod.in | 416 certificates used to build the chain can be specified by the B<-CAfile>, 453 Normally only the B<-CApath>, B<-CAfile>, B<-CAstore> and (if the responder
|
H A D | openssl-s_time.pod.in | 128 This is an obsolete synonym for B<-CAfile>. 141 …openssl s_time -connect servername:443 -www / -CApath yourdir -CAfile yourfile.pem -cipher commonc…
|
H A D | openssl-ts.pod.in | 54 [B<-CAfile> I<file>] 350 =item B<-CAfile> I<file>, B<-CApath> I<dir>, B<-CAstore> I<uri> 353 At least one of B<-CAfile>, B<-CApath> or B<-CAstore> must be specified. 579 -CAfile cacert.pem -untrusted tsacert.pem 584 -CAfile cacert.pem 588 -CAfile cacert.pem 592 -in design2.tsr -CAfile cacert.pem
|
H A D | openssl-verification-options.pod | 203 =item B<-CAfile> I<file> 209 =item B<-no-CAfile> 230 With URIs in the C<file:> scheme, this acts as B<-CAfile> or 404 via B<-CAfile>, B<-CApath>, B<-CAstore> or B<-trusted> are always used 417 This option implies the B<-no-CAfile>, B<-no-CApath>, and B<-no-CAstore> options 418 and it cannot be used with the B<-CAfile>, B<-CApath> or B<-CAstore> options, so 665 subject name must appear in a file (as specified by the B<-CAfile> option),
|
/openssl/doc/man3/ |
H A D | SSL_CTX_load_verify_locations.pod | 16 int SSL_CTX_load_verify_file(SSL_CTX *ctx, const char *CAfile); 25 int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile, 33 are located. The certificates available via B<CAfile>, B<CApath> and 65 If B<CAfile> is not NULL, it points to a file of CA certificates in PEM 75 The B<CAfile> is processed on execution of the SSL_CTX_load_verify_locations() 92 will search for suitable certificates first in B<CAfile>, then in B<CApath>. 103 is not influenced by the contents of B<CAfile> or B<CApath> and must 109 try to fill in missing certificates from B<CAfile>/B<CApath>, if the 131 The operation failed because B<CAfile> and B<CApath> are NULL or the 151 rm CAfile.pem [all …]
|
H A D | SSL_CTX_set0_CA_list.pod | 169 Scan all certificates in B<CAfile> and list them as acceptable CAs: 171 SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));
|
H A D | SSL_load_client_CA_file.pod | 79 cert_names = SSL_load_client_CA_file("/path/to/CAfile.pem");
|