use cert from central store

fusioninventory / fusioninventory-agent-windows-installer

The New Windows Installer for FusionInventory Agent

GNU General Public License v2.0

11 stars 5 forks source link

use cert from central store #9

Open Xtraim opened 2 years ago

Xtraim commented 2 years ago

Hi everyone, in the next version, Will you add an option for certificate path where we could enable to add cert from the Microsoft native central location ? like --ca-cert-dir="cert:\LocalMachine\My"

ddurieux commented 2 years ago

Do you have documentation about Microsoft native central location?

Xtraim commented 2 years ago

Hi David, im not a dev, so i will try to do my best ^^ here a link (C code) : https://docs.microsoft.com/fr-fr/windows/win32/api/wincrypt/nf-wincrypt-certopenstore?redirectedfrom=MSDN

and more generic : https://docs.microsoft.com/en-us/windows/win32/seccrypto/example-c-program-certificate-store-operations

guillomovitch commented 2 years ago

AFAIK, the only way to access windows certificate store content is to use Win32 cryptographic API, and OpenSSL (the underlying cryptographic implementation used by FusionInventory Agent) doesn't support it. Basically, it's not possible.