Use system-wide trust certificate store - spice/spice-gtk - client library using glib and gtk (mirrored from https://gitlab.freedesktop.org/spice/spice-gtk)

diff options

author	Christophe Fergeau <cfergeau@redhat.com>	2013-09-18 11:59:44 +0200
committer	Christophe Fergeau <cfergeau@redhat.com>	2013-11-19 15:28:50 +0100
commit	4642a31a1e5c4c0a68398fd51549f1e6c4146d9f (patch)
tree	36f599717b906c30a6d9971e36257af0f0c76362 /gtk/spice-client-gtk-module.c
parent	ab6cb2c29d6134309b35a2d7ca7b3f056293e4e0 (diff)

Use system-wide trust certificate store

Currently, spice-gtk will look in $HOME/.spicec/spice_truststore.pem by default for its trust certificate store (to verify the certificates used during SPICE TLS connections). However, these days, progress is under-way to have a system-wide certificate store [1]. In order to use it, we only need to call SSL_CTX_set_default_verify_paths() and it will automatically use the shared system CA store if the distro is properly setup. We only try to use that store if there was no user-provided CA file to use, or if we failed to load it. [1] https://fedoraproject.org/wiki/Features/SharedSystemCertificates

Diffstat (limited to 'gtk/spice-client-gtk-module.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: