Hi Andy,

Thanks a lot for your comments. I now understand what you were trying to do...
Unfortunately, your suggestion would have worked if it was possible to exchange the certificate store between SSL_CTX. This is only possible for openssl with a version >= 1.1.1 (with the SSL_CTX_set1_cert_store() macro) (documentation: https://www.openssl.org/docs/man1.1.1/man3/SSL_CTX_get_cert_store.html)
.
As we are running Centos 7 that comes with OpenSSL 1.0.2, this macro does not exist and cannot be used.

I have discussed this with @simonmichal and I believe we have found a way around it.

I'll keep you updated as I progress...

Cheers,
Cedric

—
Reply to this email directly, view it on GitHub, or unsubscribe.
You are receiving this because you are subscribed to this thread.

[ { "@context": "http://schema.org", "@type": "EmailMessage", "potentialAction": { "@type": "ViewAction", "target": "https://github.com/xrootd/xrootd/pull/1778#issuecomment-1235394012", "url": "https://github.com/xrootd/xrootd/pull/1778#issuecomment-1235394012", "name": "View Pull Request" }, "description": "View this Pull Request on GitHub", "publisher": { "@type": "Organization", "name": "GitHub", "url": "https://github.com" } } ]

Use REPLY-ALL to reply to list

To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1