curl-library
Re: https and certificates
Date: Mon, 27 May 2002 23:35:10 -0400
Curl currently is capable of using all the CA certs bundled into a
single file
because thats how i have been using it for quite a long time.I dont
think we need
any modification for that.Since Curl passes this to openssl, openssl
knows how to handle the
multiple cacerts in the same file
Atleast in windows i know that CAPath may not work because of an
inherent problem
(iam not sure if that can be called a problem as thats how OpenSSL has
been designed)
because of the way they retreive multiple CA files from the
directory(CAPath).I know
that this was the case till openssl-0.9.5a .Not sure if this has been
fixed
Regards
Bharath
Daniel Stenberg wrote:
On Mon, 27 May 2002, Andreas Olsson wrote:
Today my client program is hardcoded with a specific CaCertFile
curl_easy_setopt(curl,CURLOPT_CAINFO,pCACertFile);
This is ok as long as I know what certificate the server uses.
Is it possible to specify a directory containing many cert files or to
bundle them all together in one large cert file and give that to
libcurl?
This is currently not possible. I would gladly accept a patch what would
introduce CURLOPT_CAPATH that would then set the OpenSSL 'CApath'
accordingly, the same way CURLOPT_CAINFO currently sets 'CAfile'.
Would you be able to write us a patch for this?
_______________________________________________________________
Don't miss the 2002 Sprint PCS Application Developer's Conference
August 25-28 in Las Vegas -- http://devcon.sprintpcs.com/adp/index.cfm
Received on 2002-05-28