Boost logo

Boost :

Subject: [boost] [asio] Verify SSL certificates using the OS-specific certificate store
From: Vinnie Falco (vinnie.falco_at_[hidden])
Date: 2017-10-01 17:18:06


My understanding of boost::asio::ssl::context is that it is just a
small wrapper around OpenSSL. You can set default verify paths, but
that assumes the certificates are in a particular directory which they
almost never are. For example they might be in some OS-specific type
of database which need system calls to access.

If a program wants to use the native operating system facilities for
verifying certificates, then I believe significant additional code is
needed. Is this correct?

I am interested in writing a simple function object which will
validate a hostname and its accompanying certificate against the
operating-system-dependent certificate authorities. Is there some code
somewhere that does this?

Any resources that I can be pointed to would be of immense value.

Thanks


Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk