can any one tell me how to create a trust chain . i am having 5 CA certificates(CA's are different). i need to create a trust chain with the Maximum depth of 3.
i need to verify a certificate signature which can be signed by any one of the CA. All the CA files are in a folder named " CertificateFolder ".
First you need to establish the relation between these 5 CAs. The chain is defined by the dependency between your CA certificates. Example: ROOT_CA signs CA_1 and CA_2. CA_1 signs CA_11, and CA_2 signs CA_21. These CA certificates will be part of your trusted chain.
Then there's SSL_CTX_load_verify_locations, which specifies the default locations (directories) for trusted CA certificates.
Having this you'll be able to verify if a given certificate is signed by one of your CAs.
