Daniel Stenberg wrote:

>>
>> Is there a more elegant way to use libcurl with a compiled-in
>> certificate?
>
>
> I didn't find any such function either in OpenSSL so therefore I've
> never added such an option to libcurl. Also, with the addition of
> GnuTLS support I'm reluctant to add SSL-related features that aren't
> supported by both SSL layers...

I was afraid that might be the case... I would have thought that
more people have bumped into this though...

>
> So, I guess you should be asking the OpenSSL/GnuTLS people this question.

I'll give that a try.

>
> Personally, I would store the only CA cert on the read-only file
> system. Or have it built-in in to the app and on start you mount a ram
> filesystem and have the program write it to that fs and then you can
> use the API like normal...
>
Unfortunately I'm not allowed to "install" anything besides a self-
contained executable. No libraries, no configuration files. The program
has to run as a simple user, which precludes the creation and mounting
of a ramfs filing systems.
(besides, it has to work under windows as well, and I frankly haven't
got a clue how to create/mount a ramfs there (without administrator
privileges?), and I don't fancy figuring that out either unless I really
have to).

thanks,

with kind regards,

Theo
Received on 2005-08-23