I have done it earlier.
Hope this helps, if this is exactly what you are looking for.
- Load your certificate (in
PCCERT_CONTEXT
structure) from Windows Cert store using Crypto APIs. - Get encrypted content of it in binary format as it is. [
PCCERT_CONTEXT->pbCertEncoded
]. - Parse this binary buffer into X509 certificate Object using OpenSSL’s
d2i_X509()
method. - Get handle to OpenSSL’s trust store using
SSL_CTX_get_cert_store()
method. - Load above parsed X509 certificate into this trust store using
X509_STORE_add_cert()
method. - You are done!