From 6072165fd76c49dc581fdbd6a184e63df4375da8 Mon Sep 17 00:00:00 2001 From: Bernhard Miklautz Date: Wed, 11 Mar 2015 12:06:52 +0100 Subject: [PATCH] crypto: use PEM as certificate store file format Currently the certificate format expected in FreeRDPs certificate store is DER (ASN1). On most linux/unix systems the system certificate store default format is PEM. Which is also the more common format used by CAs to distribute their certificates. Changing the default format to PEM allows the usage of system certificates or published CA certificates without the need to convert them. This fixes a part of issue #2446. --- libfreerdp/crypto/crypto.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libfreerdp/crypto/crypto.c b/libfreerdp/crypto/crypto.c index efbdd5aa3..37f800f42 100644 --- a/libfreerdp/crypto/crypto.c +++ b/libfreerdp/crypto/crypto.c @@ -523,7 +523,7 @@ BOOL x509_verify_certificate(CryptoCert cert, char* certificate_store_path) if (certificate_store_path != NULL) { - X509_LOOKUP_add_dir(lookup, certificate_store_path, X509_FILETYPE_ASN1); + X509_LOOKUP_add_dir(lookup, certificate_store_path, X509_FILETYPE_PEM); } csc = X509_STORE_CTX_new();