| /openssl/ |
| H A D | CHANGES.md | 15598 * Add the arguments -CAfile and -CApath to the pkcs12 utility.
16994 openssl verify -CAfile ss.pem ss.pem
17295 * Add new -verify -CAfile and -CApath options to the crl program, these
19033 * s_server should send the CAfile as acceptable CAs, not its own cert.
|
| /openssl/apps/ |
| H A D | cms.c | 294 const char *CAfile = NULL, *CApath = NULL, *CAstore = NULL; in cms_main() local
478 CAfile = opt_arg(); in cms_main()
964 if ((store = setup_verify(CAfile, noCAfile, CApath, noCApath, in cms_main()
|
| H A D | crl.c | 89 const char *CAfile = NULL, *CApath = NULL, *CAstore = NULL, *prog; in crl_main() local
143 CAfile = opt_arg(); in crl_main()
223 if ((store = setup_verify(CAfile, noCAfile, CApath, noCApath, in crl_main()
|
| H A D | ocsp.c | 238 const char *CAfile = NULL, *CApath = NULL, *CAstore = NULL; in ocsp_main() local
393 CAfile = opt_arg(); in ocsp_main()
801 store = setup_verify(CAfile, noCAfile, CApath, noCApath, in ocsp_main()
|
| H A D | pkcs12.c | 178 const char *CApath = NULL, *CAfile = NULL, *CAstore = NULL, *prog; in pkcs12_main() local
338 CAfile = opt_arg(); in pkcs12_main()
396 if (CAfile != NULL) in pkcs12_main()
606 if ((store = setup_verify(CAfile, noCAfile, CApath, noCApath, in pkcs12_main()
|
| H A D | req.c | 246 const char *infile = NULL, *CAfile = NULL, *CAkeyfile = NULL; in req_main() local
406 CAfile = opt_arg(); in req_main()
743 CAkeyfile = CAfile; in req_main()
745 if (CAfile == NULL) { in req_main()
751 CAkeyfile != CAfile in req_main()
757 if (CAfile != NULL) { in req_main()
758 if ((CAcert = load_cert_pass(CAfile, FORMAT_UNDEF, 1, passin, in req_main()
|
| H A D | s_client.c | 809 const char *CApath = NULL, *CAfile = NULL, *CAstore = NULL; in s_client_main() local
1347 CAfile = opt_arg(); in s_client_main()
1931 if (!ctx_set_verify_locations(ctx, CAfile, noCAfile, CApath, noCApath, in s_client_main()
|
| H A D | s_server.c | 992 const char *CApath = NULL, *CAfile = NULL, *CAstore = NULL; in s_server_main() local
1326 CAfile = opt_arg(); in s_server_main()
1965 if (!ctx_set_verify_locations(ctx, CAfile, noCAfile, CApath, noCApath, in s_server_main()
2028 if (!ctx_set_verify_locations(ctx2, CAfile, noCAfile, CApath, in s_server_main()
2222 if (CAfile != NULL) { in s_server_main()
2223 SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile)); in s_server_main()
2226 SSL_CTX_set_client_CA_list(ctx2, SSL_load_client_CA_file(CAfile)); in s_server_main()
|
| H A D | s_time.c | 121 char *CApath = NULL, *CAfile = NULL, *CAstore = NULL; in s_time_main() local
175 CAfile = opt_arg(); in s_time_main()
261 if (!ctx_set_verify_locations(ctx, CAfile, noCAfile, CApath, noCApath, in s_time_main()
|
| H A D | smime.c | 145 const char *CAfile = NULL, *CApath = NULL, *CAstore = NULL, *prog = NULL; in smime_main() local
331 CAfile = opt_arg(); in smime_main()
533 if ((store = setup_verify(CAfile, noCAfile, CApath, noCApath, in smime_main()
|
| H A D | ts.c | 66 const char *CApath, const char *CAfile,
71 const char *CApath, const char *CAfile,
75 static X509_STORE *create_cert_store(const char *CApath, const char *CAfile,
161 const char *CAfile = NULL, *prog; in ts_main() local
271 CAfile = opt_arg(); in ts_main()
342 CApath, CAfile, CAstore, untrusted, in ts_main()
852 const char *CApath, const char *CAfile, in verify_command() argument
873 CApath, CAfile, CAstore, untrusted, in verify_command()
974 static X509_STORE *create_cert_store(const char *CApath, const char *CAfile, in create_cert_store() argument
1000 if (CAfile != NULL) { in create_cert_store()
[all …]
|
| H A D | verify.c | 87 const char *prog, *CApath = NULL, *CAfile = NULL, *CAstore = NULL; in verify_main() local
132 CAfile = opt_arg(); in verify_main()
202 && (CAfile != NULL || CApath != NULL || CAstore != NULL)) { in verify_main()
209 if ((store = setup_verify(CAfile, noCAfile, CApath, noCApath, in verify_main()
|
| H A D | x509.c | 405 CAfile = opt_arg(); in x509_main()
659 CAkeyfile = CAfile; in x509_main()
660 if (CAfile != NULL) { in x509_main()
743 if (CAfile == NULL && sno == NULL) { in x509_main()
775 if (CAfile != NULL) { in x509_main()
817 if (CAfile != NULL) { in x509_main()
843 if (CAfile == NULL) { in x509_main()
902 } else if (CAfile != NULL) { in x509_main()
1113 const char *p = strrchr(CAfile, '.'); in x509_load_serial()
1114 size_t len = p != NULL ? (size_t)(p - CAfile) : strlen(CAfile); in x509_load_serial()
[all …]
|
| /openssl/apps/include/ |
| H A D | apps.h | 156 X509_STORE *setup_verify(const char *CAfile, int noCAfile,
160 const char *CAfile, int noCAfile,
|
| /openssl/apps/lib/ |
| H A D | apps.c | 140 const char *CAfile, int noCAfile, in ctx_set_verify_locations() argument
144 if (CAfile == NULL && CApath == NULL && CAstore == NULL) { in ctx_set_verify_locations()
155 if (CAfile != NULL && !SSL_CTX_load_verify_file(ctx, CAfile)) in ctx_set_verify_locations()
1320 X509_STORE *setup_verify(const char *CAfile, int noCAfile, in setup_verify() argument
1332 if (CAfile != NULL || !noCAfile) { in setup_verify()
1336 if (CAfile != NULL) { in setup_verify()
1337 if (X509_LOOKUP_load_file_ex(lookup, CAfile, X509_FILETYPE_PEM, in setup_verify()
1339 BIO_printf(bio_err, "Error loading file %s\n", CAfile); in setup_verify()
|
| /openssl/demos/bio/ |
| H A D | sconnect.c | 31 const char *CAfile = CAFILE; in main() local
44 CAfile = argv[2]; in main()
55 SSL_CTX_load_verify_locations(ssl_ctx, CAfile, NULL); in main()
|
| /openssl/demos/certs/apps/ |
| H A D | mkacerts.sh | 44 $OPENSSL verify -CAfile root.pem -untrusted intca.pem \
|
| /openssl/demos/certs/ |
| H A D | ocspquery.sh | 11 $OPENSSL ocsp -issuer intca.pem -cert client.pem -CAfile root.pem \
13 $OPENSSL ocsp -issuer intca.pem -cert server.pem -CAfile root.pem \
15 $OPENSSL ocsp -issuer intca.pem -cert rev.pem -CAfile root.pem \
21 -CAfile root.pem -url http://127.0.0.1:8888/
|
| /openssl/doc/man1/ |
| H A D | openssl-ocsp.pod.in | 416 certificates used to build the chain can be specified by the B<-CAfile>,
453 Normally only the B<-CApath>, B<-CAfile>, B<-CAstore> and (if the responder
|
| H A D | openssl-s_time.pod.in | 128 This is an obsolete synonym for B<-CAfile>.
141 …openssl s_time -connect servername:443 -www / -CApath yourdir -CAfile yourfile.pem -cipher commonc…
|
| H A D | openssl-ts.pod.in | 54 [B<-CAfile> I<file>]
350 =item B<-CAfile> I<file>, B<-CApath> I<dir>, B<-CAstore> I<uri>
353 At least one of B<-CAfile>, B<-CApath> or B<-CAstore> must be specified.
579 -CAfile cacert.pem -untrusted tsacert.pem
584 -CAfile cacert.pem
588 -CAfile cacert.pem
592 -in design2.tsr -CAfile cacert.pem
|
| H A D | openssl-verification-options.pod | 203 =item B<-CAfile> I<file>
209 =item B<-no-CAfile>
230 With URIs in the C<file:> scheme, this acts as B<-CAfile> or
404 via B<-CAfile>, B<-CApath>, B<-CAstore> or B<-trusted> are always used
417 This option implies the B<-no-CAfile>, B<-no-CApath>, and B<-no-CAstore> options
418 and it cannot be used with the B<-CAfile>, B<-CApath> or B<-CAstore> options, so
665 subject name must appear in a file (as specified by the B<-CAfile> option),
|
| /openssl/doc/man3/ |
| H A D | SSL_CTX_load_verify_locations.pod | 16 int SSL_CTX_load_verify_file(SSL_CTX *ctx, const char *CAfile);
25 int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
33 are located. The certificates available via B<CAfile>, B<CApath> and
65 If B<CAfile> is not NULL, it points to a file of CA certificates in PEM
75 The B<CAfile> is processed on execution of the SSL_CTX_load_verify_locations()
92 will search for suitable certificates first in B<CAfile>, then in B<CApath>.
103 is not influenced by the contents of B<CAfile> or B<CApath> and must
109 try to fill in missing certificates from B<CAfile>/B<CApath>, if the
131 The operation failed because B<CAfile> and B<CApath> are NULL or the
151 rm CAfile.pem
[all …]
|
| H A D | SSL_CTX_set0_CA_list.pod | 169 Scan all certificates in B<CAfile> and list them as acceptable CAs:
171 SSL_CTX_set_client_CA_list(ctx, SSL_load_client_CA_file(CAfile));
|
| H A D | SSL_load_client_CA_file.pod | 79 cert_names = SSL_load_client_CA_file("/path/to/CAfile.pem");
|
