On Thu, 28 Aug 2014, Arif Ali Saiyed wrote:
Is there any simple way of telling libCurl to use host machine's SSL certificate store? If its on Windows point to windows default cert store if its on Mac point to Mac's cert store.
I believe that's what you get if you use the "native" TLS library that comes with the Operating systems. Windows, Mac OS X or Linux distros.
But I'll complicate the issue for you. Why would your application blindly trust exactly those CAs that the different operating systems trust? Or put another way, if you don't trust a certain CA on one operating system, why would you trust it on another?
4. multiple browsers on same operating system use the same certificate store or all of them have their on certificate store?
IMHO, all applications and especially browsers, should make sure to only have certificates for CAs they trust and they should have their own bundle for that. Thus they need to maintain their own bundle. Also, an application can very well decide to trust a CA that the operating system vendor doesn't.
5. Do i need to worry about nss?
If you want to use libcurl built to use nss, sure. -- / daniel.haxx.se ------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
