Support in-memory certificate stores #4951

Open
Myriachan opened this issue Mar 27, 2025 · 0 comments
Labels: Area: API; Area: Core (Related to the shared, core protocol logic); external (Proposed by non-MSFT); feature request (A request for new functionality)

@Myriachan

Describe the feature you'd like supported

I've been evaluating MsQuic and haven't used it, but already see a problem that would complicate usage: there isn't a way to use a certificate store that is in-memory. Custom certificate stores must be in a disk file. There are use cases where this is a problem.

Proposed solution

Both SChannel and OpenSSL can support this. See libcurl code:

SChannel: https://github.com/curl/curl/blob/0c20e9bf1a5cc7318f85e70212505856bb5f0e72/lib/vtls/schannel_verify.c#L122
OpenSSL: https://github.com/curl/curl/blob/0c20e9bf1a5cc7318f85e70212505856bb5f0e72/lib/vtls/openssl.c#L3021

I think this can already be done manually in SChannel using QUIC_CREDENTIAL_CONFIG::CertificateContext essentially the same way that libcurl does it.

Additional context

No response

Myriachan added the feature request (A request for new functionality) label Mar 27, 2025
nibanks added the Area: API and Area: Core (Related to the shared, core protocol logic) labels Mar 28, 2025
nibanks added this to the Future milestone Mar 28, 2025
nibanks added the external (Proposed by non-MSFT) label Mar 28, 2025