As counterpoint to Vincent Hanquez' note about the certificate store
on MacOS & Windows, I'd like to cast some doubt on the notion that
you can reliably find the cert store here on Linux or the *BSDs.
So, if my experience with platforms like that is any guide, you'd
rather not "hard code" this value in any case. I suppose that means
application needs a configuration file.
>> #else
>> SSL.contextSetCADirectory ctx "/etc/ssl/certs"
>> SSL.contextSetVerificationMode ctx $
>> SSL.VerifyPeer True True Nothing
>> #endif
On the bright side, a configuration file makes operational parameters
like this very transparent for a sys admin who needs to work with
it but wasn't in on the original install. Assuming the config file
is easy to find in the first place.
Donn
_______________________________________________
Haskell-Cafe mailing list
Haskell-Cafe@haskell.org
http://www.haskell.org/mailman/listinfo/haskell-cafe
