Can OpenSSL on Windows use the system certificate store?



I have done it earlier. Hope this helps, if this is exactly what you are looking for.

  1. Load your certificate (in a PCCERT_CONTEXT structure) from the Windows cert store using the Crypto APIs.
  2. Get its encoded content in binary format as it is [PCCERT_CONTEXT->pbCertEncoded].
  3. Parse this binary buffer into an X509 certificate object using OpenSSL's d2i_X509() method.
  4. Get handle to OpenSSL's trust store using SSL_CTX_get_cert_store() method.
  5. Load above parsed X509 certificate into this trust store using X509_STORE_add_cert() method.
  6. You are done!


For those of you still struggling with this as I have been, here is some sample code to get you started:

#include <stdio.h>
#include <windows.h>
#include <wincrypt.h>
#include <cryptuiapi.h>
#include <iostream>
#include <tchar.h>
#include <openssl/x509.h>

#pragma comment (lib, "crypt32.lib")
#pragma comment (lib, "cryptui.lib")

#define MY_ENCODING_TYPE  (PKCS_7_ASN_ENCODING | X509_ASN_ENCODING)

int main(void)
{
    HCERTSTORE hStore;
    PCCERT_CONTEXT pContext = NULL;
    X509 *x509;
    // Standalone OpenSSL trust store; hand it to an SSL_CTX with
    // SSL_CTX_set_cert_store(), or populate SSL_CTX_get_cert_store(ctx) instead.
    X509_STORE *store = X509_STORE_new();

    // Open the system "ROOT" (trusted root CA) store.
    hStore = CertOpenSystemStore(NULL, L"ROOT");
    if (!hStore)
        return 1;

    while (pContext = CertEnumCertificatesInStore(hStore, pContext))
    {
        //uncomment the line below if you want to see the certificates as pop ups
        //CryptUIDlgViewContext(CERT_STORE_CERTIFICATE_CONTEXT, pContext, NULL, NULL, 0, NULL);

        // d2i_X509() advances the pointer it is given, so decode through a local
        // copy rather than passing &pContext->pbCertEncoded (which would corrupt
        // the CERT_CONTEXT's own pointer).
        const unsigned char *p = pContext->pbCertEncoded;
        x509 = d2i_X509(NULL, &p, pContext->cbCertEncoded);
        if (x509)
        {
            // X509_STORE_add_cert() takes its own reference and returns 1 on success.
            int i = X509_STORE_add_cert(store, x509);
            if (i == 1)
                std::cout << "certificate added" << std::endl;
            X509_free(x509);
        }
    }
    // CertEnumCertificatesInStore() frees the previous context on each call and
    // returns NULL when the enumeration ends, so pContext is NULL here.
    CertFreeCertificateContext(pContext);
    CertCloseStore(hStore, 0);
    X509_STORE_free(store);

    system("pause");
    return 0;
}


No. Not out of the box.

No, it is not possible out of the box. It would require additional programming. With OpenSSL you have two (out of the box) options:

  1. Use OpenSSL's own cert store (it is a hierarchy of directories created by a Perl script provided with OpenSSL)
  2. Use only a certificate chain file created by you (it is a text file with all PEM-encoded certificates in a chain of trust). Creating such a file is easy (just append to it)
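The second option above, a PEM bundle that OpenSSL loads with -CAfile or SSL_CTX_load_verify_locations(), can be generated straight from the Windows store instead of being hand-assembled. The script below is an added example, not code from any of the answers: it walks the machine and user Root stores through the Cert: drive, converts each certificate's DER bytes (the same bytes the Crypto API exposes as pbCertEncoded) to PEM, and writes one bundle. The output path is an assumption.

```powershell
# Added example: export the Windows trusted-root store to a PEM bundle that
# OpenSSL can consume via -CAfile / SSL_CTX_load_verify_locations().
# The output path is an assumption; change it to suit.
$OutFile = Join-Path $env:TEMP 'windows-root.pem'

function ConvertTo-Pem {
    param(
        [Parameter(Mandatory)]
        [System.Security.Cryptography.X509Certificates.X509Certificate2]$Cert
    )
    # RawData is the DER encoding; PEM is base64 of that DER wrapped at
    # 64 columns between a BEGIN/END CERTIFICATE header and footer.
    $b64 = [Convert]::ToBase64String($Cert.RawData)
    $lines = for ($i = 0; $i -lt $b64.Length; $i += 64) {
        $b64.Substring($i, [Math]::Min(64, $b64.Length - $i))
    }
    # OpenSSL's PEM reader ignores text outside the BEGIN/END markers, so a
    # subject line per block is safe and makes the bundle readable.
    @("# $($Cert.Subject)", '-----BEGIN CERTIFICATE-----') + $lines + '-----END CERTIFICATE-----'
}

# Cert:\LocalMachine\Root is the machine-wide trusted root store;
# Cert:\CurrentUser\Root holds roots the current user has added.
# Take both, drop duplicates by thumbprint, and skip expired roots,
# which OpenSSL would refuse to build a valid chain to anyway.
$roots = Get-ChildItem Cert:\LocalMachine\Root, Cert:\CurrentUser\Root |
    Sort-Object Thumbprint -Unique |
    Where-Object { $_.NotAfter -gt (Get-Date) }

$roots | ForEach-Object { ConvertTo-Pem -Cert $_ } |
    Set-Content -Path $OutFile -Encoding ascii

Write-Host "Wrote $($roots.Count) root certificates to $OutFile"

# Use the bundle from the OpenSSL command line (openssl.exe on PATH):
#   openssl verify -CAfile $OutFile server.pem
#   openssl s_client -connect example.com:443 -CAfile $OutFile
# or from C: SSL_CTX_load_verify_locations(ctx, "windows-root.pem", NULL)
```

Two caveats a practitioner should keep in mind. The bundle is a snapshot: Windows fetches many roots on demand through its root-update mechanism, so a root that has never been needed on the machine will not be in the export, and the file must be regenerated when the store changes. It also loses the policy layer Windows applies on top of the store (the Disallowed store, per-certificate EKU restrictions and Windows' own revocation handling), so OpenSSL will trust every root in the file unconditionally.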