Open FedericoCeratto opened 3 years ago
import httpclient
var client = newHttpClient()
echo client.getContent("http://google.com")
nim c -r -d:ssl .\certtest.nim
C:\Users\me\.choosenim\toolchains\nim-1.4.4\lib\pure\httpclient.nim(557) certtest
C:\Users\me\.choosenim\toolchains\nim-1.4.4\lib\pure\httpclient.nim(324) getDefaultSSL
C:\Users\me\.choosenim\toolchains\nim-1.4.4\lib\pure\net.nim(658) newContext
Error: unhandled exception: No SSL/TLS CA certificates found. [IOError]
Event though I have
C:\Users\me\.choosenim\toolchains\nim-1.4.4\bin\cacert.pam
I need to copy this file to the folder of the exe to make it work.
I copied it to
C:\Users\me\.nimble\bin\cacert.pam
Turns out C:\Users\me\.choosenim\toolchains\nim-1.4.4\bin\
is not on $PATH
as I thought it was. But this is the folder where nim puts cacert.pam
it
should put it into C:\Users\me\.nimble\bin\
instead.
Yes, so it does work when put in the $PATH. What mechanism does Nim use to put it in C:\Users\me\.choosenim\toolchains\nim-1.4.4\bin\
?
On windows we could use the os cert store, since this is updated automatically by the os on windows updates, so no need to get the cacert.pem from "somewhere".
https://stackoverflow.com/questions/9507184/can-openssl-on-windows-use-the-system-certificate-store
We can do this: https://github.com/nim-lang/nimble/issues/949
@enthus1ast I considered it and the interaction only works through temporary generated files. It's not clear where to put these and when to generate these so there are no known benefits of using the Windows API in this case.
Nimble could suggest solutions for missing CA certificates based on the OS.
Related: https://github.com/nim-lang/Nim/issues/782#issuecomment-785531690 https://forum.nim-lang.org/t/7551 https://forum.nim-lang.org/t/7582