|
pure virtual |
Retrieves the root certificate from the current connections peer and places it in the specified keystore's trusted root namespace (p6r.trustedroot).
This namespace is used by the SSL layer to verify peer certificates.
This can be used to provision a client with the proper root certificate if the connection between the client and the server is trusted in some way. For example a closed lan where both client and server are directly connected.
To use this mechanism to provision a client
The keystore you provided will now contain the peers root certificate and can be used for future connections to properly authenticate the server. You must pass the same keystore into the call to initSecureSoccket() that you passed into this method for the new connection.
09/29/2014-22:06:18:303000 [3910] hostname.example.com debug main (csslengine.cpp:1611) SSLEng Import Cert [ eOk ] namespace [ p6r.trustedroot ] subject hash [ f081611a ] issuer [ C = US, O = "The Go Daddy Group, Inc.", OU = Go Daddy Class 2 Certification Authority ] subject [ OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US ]
pKeystore | [ in ] A pointer to the the p6IKeystore interface to place the credentials in or NULL to use the global keystore if available. The global keystore service is only available when running under p6Platform. Library products such as SKC do not support the global keystore and this method will fail if this argument is NULL when called from those products. |