Emil
2006-07-11 12:07:02 UTC
Hi all,
we use WinHttp with SSL enabled for secure client/server connections. We
have a private PKI and need to import our CA certificate into an appropriate
truststore, so the SSL handshake runs through. Preparing a truststore outside
the application is no option. We started with temporarily importing the CA
certificate into the system certstore, but of course this fails for users
without admin rights. We didn't like this approach, because it side effects
all other applications accessing the system truststore, but saw no other
choice to achieve our goal.
My questions are:
- can we create a temporary truststore and tell WinHttp to use this
truststore for the SSL handshake?
- if not, what other choice do we have?
Thanks for your help,
Emil
we use WinHttp with SSL enabled for secure client/server connections. We
have a private PKI and need to import our CA certificate into an appropriate
truststore, so the SSL handshake runs through. Preparing a truststore outside
the application is no option. We started with temporarily importing the CA
certificate into the system certstore, but of course this fails for users
without admin rights. We didn't like this approach, because it side effects
all other applications accessing the system truststore, but saw no other
choice to achieve our goal.
My questions are:
- can we create a temporary truststore and tell WinHttp to use this
truststore for the SSL handshake?
- if not, what other choice do we have?
Thanks for your help,
Emil