Open meghfossa opened 2 years ago
This PR modifies System.X509's getSystemCertificateStore method, to favour OpenSSL environment variables (as used by git, curl, etc) namely:
getSystemCertificateStore
SSL_CERT_FILE
SSL_CERT_DIR
If SSL_CERT_FILE or SSL_CERT_DIR values do not exist, previously implemented certificationStore is yielded.
Order of precedence:
1) SSL_CERT_FILE (OpenSSL conventional env name) 2) SSL_CERT_DIR (OpenSSL conventional env name) 3) SYSTEM_CERTIFICATE_PATH (Unix Only - Existing implementation)
SYSTEM_CERTIFICATE_PATH
@vincenthz tagging your for review. PR is fairly small.
Overview
This PR modifies System.X509's
getSystemCertificateStore
method, to favour OpenSSL environment variables (as used by git, curl, etc) namely:SSL_CERT_FILE
SSL_CERT_DIR
If
SSL_CERT_FILE
orSSL_CERT_DIR
values do not exist, previously implemented certificationStore is yielded.Order of precedence:
1)
SSL_CERT_FILE
(OpenSSL conventional env name) 2)SSL_CERT_DIR
(OpenSSL conventional env name) 3)SYSTEM_CERTIFICATE_PATH
(Unix Only - Existing implementation)To-do
Reference
118