Skip to content

macOS: Can HttpClient do custom cert handling with libcurl+openssl10? #21679

@bartonjs

Description

@bartonjs

Gedankenexperiment:

  • If OpenSSL/1.0 is the reported backend, run the OpenSSL initializer.
  • Still fail client auth certificates (non-exportable private keys can't marshal into OpenSSL, and other problems could exist, so just block it)
  • If OpenSSL/1.0 is the reported backend, register the callbacks/etc as normal.
  • For the EE (server identity) cert and any presented intermediates, extract the certificate bytes to pass to new X509Certificate2(byte[]).
  • Build the X509Chain
  • Apply chain and hostname checks
  • Call the callback.

Metadata

Metadata

Assignees

No one assigned

    Labels

    area-System.Net.HttpenhancementProduct code improvement that does NOT require public API changes/additionsos-mac-os-xmacOS aka OSX

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions