开发者

OpenSSL SSL_CTX_use_PrivateKey_file with Windows certificate store

I have a native C++ library which uses OpenSSL for TLS. It reads the private key using SSL_CTX_use_PrivateKey_file and everything is fine,

Then I created a C# wrapper which reads the certificates from Windows certificate sto开发者_如何学运维re according to certain OIDs and the subject name. And here is the problem - I might get more than one certificate. How can I deal with that? Try all of them?

Is it possible to hold more than one private key in a PEM file?

Thank you very much.


You can only present one certificate to the client (well, you can present an entire certificate chain, but that's a different thing - there's still only one server certificate in the end). So you'll have to figure out a way to choose just one - perhaps choosing the one with the latest expiry date makes sense?

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜