Hello,
Sorry if this is FAQ, or any other way stupid question, e.t.c.
I have to configure vibe.d tlsstream to verify remote certificate.
Please correct me if I'm wrong -- here is part of my code to
request certificate verification:
auto sslctx = createTLSContext(TLSContextKind.client);
sslctx.useTrustedCertificateFile("/opt/local/etc/openssl/cert.pem");
sslctx.peerValidationMode = TLSPeerValidationMode.trustedCert;
auto _stream = createTLSStream(_conn, sslctx, host);
the problem here is call to useTrustedCertificateFile. At compile
time I do not know place of cert authority file, and this
location can also be unknown for program user even if there is a
way to configure it during program start.
libopenssl provide call SSL_CTX_set_default_verify_paths(ctx) -
which configure default (already known to library code) location
of ca certs distributed with openssl.
Is there any way for vibed sslctx to configure CA cert path "by
default value"?
Thanks for your responce!
