curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: Has the time come to drop NSS?

From: Cristian Rodríguez via curl-library <>
Date: Tue, 22 Feb 2022 15:09:04 -0300

On Mon, Feb 21, 2022 at 10:40 AM Michael Stahl <> wrote:

> reads a trust database from the operating system, and do that centrally
> for the whole process?

Yes, that's how any distribution does it.. by hooking into whatever
the trust database is so
when the application calls SSL_CTX_set_default_verify_paths() it is
used from that point on.

It would be cool that OPENSSL_init_ssl() had a flag to do this lazily
by default whenever is needed but atm that's not the case.
Received on 2022-02-22