Expand description
Describe a context in which to verify an X509
certificate.
The X509
certificate store holds trusted CA certificates used to verify
peer certificates.
§Example
use openssl::x509::store::{X509StoreBuilder, X509Store};
use openssl::x509::{X509, X509Name};
use openssl::asn1::Asn1Time;
use openssl::pkey::PKey;
use openssl::hash::MessageDigest;
use openssl::rsa::Rsa;
use openssl::nid::Nid;
let rsa = Rsa::generate(2048).unwrap();
let pkey = PKey::from_rsa(rsa).unwrap();
let mut name = X509Name::builder().unwrap();
name.append_entry_by_nid(Nid::COMMONNAME, "foobar.com").unwrap();
let name = name.build();
// Sep 27th, 2016
let sample_time = Asn1Time::from_unix(1474934400).unwrap();
let mut builder = X509::builder().unwrap();
builder.set_version(2).unwrap();
builder.set_subject_name(&name).unwrap();
builder.set_issuer_name(&name).unwrap();
builder.set_pubkey(&pkey).unwrap();
builder.set_not_before(&sample_time);
builder.set_not_after(&sample_time);
builder.sign(&pkey, MessageDigest::sha256()).unwrap();
let certificate: X509 = builder.build();
let mut builder = X509StoreBuilder::new().unwrap();
let _ = builder.add_cert(certificate);
let store: X509Store = builder.build();
Structs§
- Marker type corresponding to the
X509_LOOKUP_file
lookup method. - Marker type corresponding to the
X509_LOOKUP_hash_dir
lookup method. - Information used by an
X509Store
to look up certificates and CRLs. - Method used to look up certificates and CRLs.
- A reference to an
X509LookupMethod
. - A reference to an
X509Lookup
. - A certificate store to hold trusted
X509
certificates. - A builder type used to construct an
X509Store
. - A reference to an
X509StoreBuilder
. - Reference to an
X509Store
.