}
std::shared_ptr<EVP_PKEY> loadPkeyFromFile( const std::string& filename ) {
- std::shared_ptr<FILE> f( fopen( filename.c_str(), "r" ), fclose );
+ std::shared_ptr<FILE> f( fopen( filename.c_str(), "r" ), []( FILE * ptr ) {
+ if( ptr ) {
+ fclose( ptr );
+ }
+ } );
if( !f ) {
return std::shared_ptr<EVP_PKEY>();
SSL_CTX_set_verify( ctx.get(), SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, verify_callback );
SSL_CTX_use_certificate_file( ctx.get(), server ? "keys/signer_server.crt" : "keys/signer_client.crt", SSL_FILETYPE_PEM );
SSL_CTX_use_PrivateKey_file( ctx.get(), server ? "keys/signer_server.key" : "keys/signer_client.key", SSL_FILETYPE_PEM );
+
if( 1 != SSL_CTX_load_verify_locations( ctx.get(), "keys/ca.crt", 0 ) ) {
throw "Cannot load CA store for certificate validation.";
}