Subject: Re: [boost] [asio] Verify SSL certificates using the OS-specific certificate store
From: Gavin Lambert (gavinl_at_[hidden])
Date: 2017-10-01 22:58:43
On 2/10/2017 06:18, Vinnie Falco wrote:
> My understanding of boost::asio::ssl::context is that it is just a
> small wrapper around OpenSSL. You can set default verify paths, but
> that assumes the certificates are in a particular directory which they
> almost never are. For example they might be in some OS-specific type
> of database which need system calls to access.
> If a program wants to use the native operating system facilities for
> verifying certificates, then I believe significant additional code is
> needed. Is this correct?
> I am interested in writing a simple function object which will
> validate a hostname and its accompanying certificate against the
> operating-system-dependent certificate authorities. Is there some code
> somewhere that does this?
> Any resources that I can be pointed to would be of immense value.