Re: Use several certificates.crt files



On 10/14/2012 10:41 AM, Samuel Loury wrote:
> Then my question is: Is there a way to still have the system trusted
> certificates checked and having some personal certificates checked to?
> Is it possible for instance to give a list of files to ssl-ca-file to
> SoupSession?

No

> ssl-ca-file seems to be deprecated[1], then what would be
> the way to do this in a non deprecated way?

In theory, you could create your own GTlsDatabase subclass that read in
multiple files and allowed authenticating against any of them, and then
you'd set the session's tls-database property to that. But that would be
a bunch of work.

The long-term solution is that you will eventually be able to do the
"mark this certificate as trusted" thing, somehow, without needing to
explicitly configure it as a separate ssl-ca-file. But we still haven't
figured out all of the details of how that's going to work.

For now, the easiest solution is the "copy the system ca file to ~/ and
add my cert" thing.

-- Dan



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]