microsoft/msquic

Using custom CA with TLS certificates

Open

#2.820 geöffnet am 14. Juni 2022

Auf GitHub ansehen
 (7 Kommentare) (0 Reaktionen) (0 zugewiesene Personen)C (671 Forks)github user discovery
Area: APITLS: SchannelTLS: quicTLSexternalfeature requestgood first issuehelp wanted

Repository-Metriken

Stars
 (4.712 Stars)
PR-Merge-Metriken
 (PR-Metriken ausstehend)

Beschreibung

Describe the feature you'd like supported

Right now TLS certificate verification uses only system CA store. But in some cases custom CA certificates may be prefered (for example, non-HTTP/3 QUIC usage). For this we need to specify custom CA path(es), which should be passed to TLS backend. But MsQuic doesn't support that at this moment.

Proposed solution

Add function or struct field that will pass custom CA path(es) to TLS backend (for example, SSL_CTX_load_verify_locations for OpenSSL).

Additional context

No response

Contributor Guide