MTLS certificate loading on Windows 10 is broken #3145
Labels
Comments
|
Thanks! Can you perhaps make a proper pull-request with your suggested fix? |
bagder
changed the title
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
I did this
Used the source code here:
curl/lib/vtls/schannel.c
Line 390 in 2e5651a
as a reference to look at the api usage to load a system installed certificate.
I expected the following
CertOpenStore to succeed. It does not, because the function expects a null terminated path for the system store. For example instead of "MY<thumbprint>", it should just be "MY".
Code I wrote that works:
char store_path[128] = { 0 };
assert(location_of_next_segment - store_path_start < sizeof(store_path));
memcpy(store_path, store_path_start, location_of_next_segment - store_path_start);
*cert_store = CertOpenStore(CERT_STORE_PROV_SYSTEM_A, 0, (HCRYPTPROV)NULL,
CERT_STORE_OPEN_EXISTING_FLAG | store_val, store_path);
curl/libcurl version
HEAD of the repo
operating system
Windows 10
The text was updated successfully, but these errors were encountered: