openssl api verify the public key matches private key

How do I write an openssl server that on a single port has two different active RSA private keys? The openssl documentation seems to imply there can only be one RSA private key active at a time within a context. So I was thinking I have two active contexts, but what is the code to handle figuring out which connection matches which context? Or am I going about this the wrong way?

It's kind of an odd thing to want, but it's doable. You can maintain two active SSL_CTX handles, each of which has a different certificate/private key pair loaded.

When you accept a new connection, just pick the right SSL_CTX to generate the new SSL handle from (using SSL_new()). As for "which connection matches which certificate" - that's up to you to determine. You could decide based on the peer address of the connection, or you might have a plain text protocol prior to starting SSL where the peer identifies the certificate it is expecting.
