Consider using Botan for host certificate store access

[Tectu]

Currently, we're using certify for accessing the host's certificate store. It might be worth considering using Botan instead (https://github.com/randombit/botan).

[reneme]

Perhaps, you could even consider using Botan as your (alternative) TLS provider, which then includes certificate validation with its system certificate store adapters, of course. I see you're using asio's ssl_stream that uses OpenSSL underneath. Botan provides a "more-or-less" drop in replacement for this. 🙂

[Tectu]

That's a good suggestion - Thanks for pointing that out!

Ideally we'd make this options so users can pick one or the other.