What is the security risk in the ca.pem to be placed on end-users machines? Thanks, j.c. On Feb 26, 2008, at 5:26 PM, Eugene M. Kim wrote:
j.c. wrote:
Hello, I have implemented a TLS client/server application and will be using self-assigned certificates due to the small scale of distribution. I am currently using the function load_verify_file("ca.pem"), however I don't want to write the certificate to end-users disk. What would be the proper way to use an "in-memory or compiled" certificate for peer verification? I was trying to do the same thing, and unfortunately there seems to be no API for this. I'm afraid you'd have to use directly the underlying implementation (OpenSSL's SSL_CTX structure), which you can access with ssl::context::impl() method. ;-(
Eugene
_______________________________________________ Boost-users mailing list Boost-users@lists.boost.org http://lists.boost.org/mailman/listinfo.cgi/boost-users