curl / Mailing Lists / curl-library / Single Mail


Windows and CA certificates

From: Daniel Jeliński via curl-library <>
Date: Tue, 7 Aug 2018 23:11:25 +0200

I recently started using HTTPS functionality with libcurl + openSSL; I
noticed that by default this combo does not use Windows certificates,
but instead wants to load them from CA bundle. This poses a
maintenance problem - the bundle needs to be manually refreshed every
now and then by the application maintainer, which implies that the
application requires a maintainer in the first place.

Windows certificates are updated automatically as long as the machine
is connected to the Internet. Should libcurl load Windows certificates
when started on Windows?

I'm currently running code based on a sample found in the mailing list
archive [1], and it works just fine. I would like to offload its
functionality to libcurl. What do you think?

Received on 2018-08-07