Hi I ship my own PEM file “cacerts.pem” containing trusted certificates with my application. Then, I use “SSL_CTX_load_verify_locations” to tell OpenSSL to use cacerts.pem during certificate verification. However, given that Windows already has a certificate store (Control Panel->Internet Options-> Content Tab->Certificates), I'm wondering whether there is a way to tell OpenSSL to look here instead. This would mean I would not need to ship my own PEM file.
Any help appreciated. Thanks Dave
