Comments (2)
steffengy
commented on July 17, 2024
@sfackler
I think one would need to implement manual certificate verification to perform checks like these (non pemanently),
since currently verification is handled by the default windows trust provider.
(there's also a TODO for that in the code)
https://msdn.microsoft.com/en-us/library/windows/desktop/aa378740(v=vs.85).aspx
from rust-native-tls.
sfackler
commented on July 17, 2024
Windows does things in a very different way - you create a Certificate Trust List which needs to be signed by something with a trusted root. Unless we can force people to install a custom root cert (not reasonable), we may have to manually handle this. The OSCrypto library manually checks the root certificate in the trust chain against its extra roots: https://github.com/wbond/oscrypto/blob/master/oscrypto/_win/tls.py#L591
from rust-native-tls.
Related Issues (20)
- RUSTSEC vulnerability in `tempfile` - need to take updated version HOT 1
- tls
- rust-native-tls is not able to receive peer certificate HOT 10
- Upgrade security-framework v2.9.1 HOT 1
- TlsConnectorBuilder constructor HOT 2
- PKCS12 Legacy Support HOT 1
- Identity::from_pkcs8 does not work correctly on macos HOT 2
- PKCS12 Identity [mac verify failure] on legacy format HOT 3
- Windows: When loading an Identity with from_pkcs8(), running multiple servers generates handshake errors HOT 7
- Is `&TlsStream: Read + Write` possible? HOT 2
- Option to disable certificate CA verification HOT 7
- Newer pkcs12 file format reverses cert chain order HOT 4
- Ability to customise SslContext for openssl HOT 1
- feature request: please provide a way to "opt-outing" openssl HOT 2
- reading the response is taking too long - 10 minutes HOT 4
- Allow access to ssl::SslStream for advanced usage HOT 1
- Use schannel CertContext to create an Identity HOT 2
- TlsConnector throws an error: Failure(Error { code: -9836, message: "bad protocol version" }) HOT 1
- Fails to compile on MacOS HOT 2
- [feature request] Expose SslConnector
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from rust-native-tls.