Hi, I use uzbl that uses libSoup to handle http requests. It allows to configure the value of the parameter ssl-ca-file of SoupSession. By default, ssl-ca-file is set to /etc/ssl/certs/ca-certificates.crt which contains the well known certificates that debian trusts. I want to add a certificate corresponding to a personal website but I do not want this certificate to be installed system wide. I can configure ssl-ca-file to point to a file that contains my personal certificate, like ~/ca-certificates.crt, but I loose the verification of all the certificates in /etc/ssl/certs/ca-certificates.crt. I could also copy the certificates from /etc/ssl/certs/ca-certificates.crt to ~/ca-certificates.crt, but that would mean I should make sure that each time /etc/ssl/certs/ca-certificates.crt is changed, I update ~/ca-certificates.crt. Then my question is: Is there a way to still have the system trusted certificates checked and having some personal certificates checked to? Is it possible for instance to give a list of files to ssl-ca-file to SoupSession? ssl-ca-file seems to be deprecated[1], then what would be the way to do this in a non deprecated way? I searched in the web but did not find any solution to my problem, like if no one had faced the problem before. May be I am trying to solve a problem that does not exist. Could anyone indicate to me if I am wrong. Thanks for your attention, Samuel [1] http://developer.gnome.org/libsoup/stable/SoupSession.html#SoupSession--ssl-ca-file
Attachment:
pgpxIRvjtSwnc.pgp
Description: PGP signature