(Certificate files might be encrypted as well from the technical point of view, it however does not make sense as the data in the certificate is considered public anyway.) On Mar 6, 2008, at 2:19 PM, j.c. wrote:
What is the security risk in the ca.pem to be placed on end-users machines?
Thanks, j.c.
On Feb 26, 2008, at 5:26 PM, Eugene M. Kim wrote:
j.c. wrote:
Hello, I have implemented a TLS client/server application and will be using self-assigned certificates due to the small scale of distribution. I am currently using the function load_verify_file("ca.pem"), however I don't want to write the certificate to end-users disk. What would be the proper way to use an "in-memory or compiled" certificate for peer verification? I was trying to do the same thing, and unfortunately there seems to be no API for this. I'm afraid you'd have to use directly the underlying implementation (OpenSSL's SSL_CTX structure), which you can access with ssl::context::impl() method. ;-(
Eugene
_______________________________________________ Boost-users mailing list Boost-users@lists.boost.org http://lists.boost.org/mailman/listinfo.cgi/boost-users
_______________________________________________ Boost-users mailing list Boost-users@lists.boost.org http://lists.boost.org/mailman/listinfo.cgi/boost-users