Summary | System default openssl certificates are not used |
Queue | gloox |
Queue Version | 1.0.23 |
Type | Bug |
State | Unconfirmed |
Priority | 1. Low |
Owners | |
Requester | pulkomandy (at) gmail (dot) com |
Created | 11/15/2020 (547 days ago) |
Due | |
Updated | 02/13/2022 (92 days ago) |
Assigned | |
Resolved |
https://github.com/haikuports/haikuports/blob/master/net-libs/gloox/patches/gloox-1.0.24.patchset#L78
State ⇒ Unconfirmed
Priority ⇒ 1. Low
Type ⇒ Bug
Summary ⇒ System default openssl certificates are not used
Queue ⇒ gloox
system ones to be used. This would require gloox to call int
SSL_CTX_set_default_verify_paths(SSL_CTX *ctx); but apparently it
doesn't.
Is that intentional? It's a bit annoying because there is no way to
access the openssl context from outside gloox, so I can't use this API
in my client. As a result I can't connect to any server if I want to
rely on CertInfo.status to check validity of certificates, unless I
hardcode the path to the system cacerts.pem file.
(btw, 1.0.24 is not available as a release to report bugs again in the
bugtracker)