Subject: [boost] [asio] Verify SSL certificates using the OS-specific certificate store
From: Vinnie Falco (vinnie.falco_at_[hidden])
Date: 2017-10-01 17:18:06
My understanding of boost::asio::ssl::context is that it is just a
small wrapper around OpenSSL. You can set default verify paths, but
that assumes the certificates are in a particular directory which they
almost never are. For example they might be in some OS-specific type
of database which need system calls to access.
If a program wants to use the native operating system facilities for
verifying certificates, then I believe significant additional code is
needed. Is this correct?
I am interested in writing a simple function object which will
validate a hostname and its accompanying certificate against the
operating-system-dependent certificate authorities. Is there some code
somewhere that does this?
Any resources that I can be pointed to would be of immense value.