Another idea was to mimic the MS certificate server. The application
could download a missing certificate from your website.

Is not save when you don't where you are downloading it from (I have no control of what our clients are doing)

I can imagine the trouble, however OpenSSL was choosen as the SSL
implementation with cross platform support in mind, I still think this
was a good decision.

It still is.

Maybe I will add the most common CA's .
Enterprise clients usually use GlobalSign, VeriSign, ..

Is it better to add them seperately and use RpSslContext.SslCAPath
or combine them as CRLF separated certs in a single file using RpSslContext.SslCAFile ?

If I import the certificates, the exe will grow with ~ 130kB and that's unacceptable for 1 application

To unsubscribe or change your settings for TWSocket mailing list
please goto
Visit our website at

Reply via email to