Is it possible to embed a `cacert.pem` instead of providing a path to contextSetCAFile?

haskell-cryptography / HsOpenSSL

OpenSSL binding for Haskell

http://hackage.haskell.org/package/HsOpenSSL

Creative Commons Zero v1.0 Universal

22 stars 33 forks source link

Is it possible to embed a `cacert.pem` instead of providing a path to contextSetCAFile? #9

Open matsrietdijk opened 7 years ago

matsrietdijk commented 7 years ago

The problem I'm facing is that I would always like a package to check for a certain cacert.pem. However with the current implementation of contextSetCAFile the cacert.pem should always have a filepath on the server running the software, so I will have to ship the certificate with any release using this package. I would rather embed the cacert.pem in the executable so I don't have to worry about it being available on the server as a file. Is this possible?

vshabanov commented 7 years ago

Unfortunately, I don't know. If you find the necessary functions in OpenSSL and could add them to HsOpenSSL I would be glad to accept a pull request and publish new HsOpenSSL version.

glguy commented 7 years ago

@matsrietdijk were you the person I saw asking about this on Freenode #haskell who I believe figured out how to add certificates to an SSL session?

matsrietdijk commented 7 years ago

@glguy no I haven't been on Freenode #haskell. If you find anything useful please let me know!