How to create a trust chain for certificate validation using OpenSSL in C++?
I need to verify a certificate signature which can be signed by any one of the CAs. All the CA files are in a folder named "CertificateFolder".
First you need to establish the relation between these 5 CAs. The chain is defined by the dependency between your CA certificates. Example: ROOT_CA signs CA_1 and CA_2. CA_1 signs CA_11, and CA_2 signs CA_21. These CA certificates will be part of your trusted chain.
Then there's SSL_CTX_load_verify_locations, which specifies the default locations (directories) for trusted CA certificates.
Having this you'll be able to verify if a given certificate is signed by one of your CAs.