Re: [libmicrohttpd] [possible feature request?] Loading key/cert from file [gnutls_certificate_set_x509_key_file2()]

[Christian Grothoff]

Hi Silvio,

I don't like the proposed feature very much, it's something an
application developer can reasonably easily write themselves, it would
introduce a dependency on file system operations to MHD, and it would
include a lot of different possible error types (file not found, access
permissions wrong, etc.) that would have to be passed back to the
application.

That said, adding a good _example_ (reference code) for how to do this
in the documentation would be totally fine.

My 2 cents!

Happy hacking!

Christian
p.s.: sorry for the delay, life's been very busy...

On 07/29/2018 05:39 AM, silvioprog wrote:
> Hello dudes.
> 
> I tried to pass the key/cert files to the MHD library, however, it
> allows only passing via memory (using
> gnutls_certificate_set_x509_key_mem2()):
> 
>   MHD_OPTION_HTTPS_MEM_KEY, "private key content",
>   MHD_OPTION_HTTPS_MEM_CERT, "certificate content"
> 
> but it would be nice to use the GnuTLS's builtin functions to load the
> key/cert files: gnutls_certificate_set_x509_key_file2(). Advantage: the
> programmer just pass the path of the key/cert instead of writing own
> unsafe functions for file loading. So, what do you thing about
> to add those new options?:
> 
>   MHD_OPTION_HTTPS_FILE_KEY, "key.pem",
>   MHD_OPTION_HTTPS_FILE_CERT, "cert.pem",
>   MHD_OPTION_HTTPS_FILE_TRUST, "ca.pem"
> 
> Thank you!
> 
> -- 
> Silvio Clécio

signature.asc
Description: OpenPGP digital signature