|
Boost Users : |
From: j.c. (jolix_at_[hidden])
Date: 2008-03-06 20:47:25
(Certificate files might be encrypted as well from the technical point
of view, it however does not make sense as the data in the
certificate
is considered public anyway.)
On Mar 6, 2008, at 2:19 PM, j.c. wrote:
> What is the security risk in the ca.pem to be placed on end-users
> machines?
>
> Thanks,
> j.c.
>
> On Feb 26, 2008, at 5:26 PM, Eugene M. Kim wrote:
>
>> j.c. wrote:
>>> Hello,
>>> I have implemented a TLS client/server application and will be
>>> using self-assigned certificates due to the small scale of
>>> distribution. I am currently using the function
>>> load_verify_file("ca.pem"), however I don't want to write the
>>> certificate to end-users disk. What would be the proper way to use
>>> an "in-memory or compiled" certificate for peer verification?
>> I was trying to do the same thing, and unfortunately there seems to
>> be no API for this. I'm afraid you'd have to use directly the
>> underlying implementation (OpenSSL's SSL_CTX structure), which you
>> can access with ssl::context::impl() method. ;-(
>>
>> Eugene
>>
>> _______________________________________________
>> Boost-users mailing list
>> Boost-users_at_[hidden]
>> http://lists.boost.org/mailman/listinfo.cgi/boost-users
>
> _______________________________________________
> Boost-users mailing list
> Boost-users_at_[hidden]
> http://lists.boost.org/mailman/listinfo.cgi/boost-users
Boost-users list run by williamkempf at hotmail.com, kalb at libertysoft.com, bjorn.karlsson at readsoft.com, gregod at cs.rpi.edu, wekempf at cox.net