[Resend to list] On Mon, Jan 22, 2018 at 12:37 PM, Dave S <[email protected]> wrote:
> On Sat, Jan 20, 2018 at 2:49 AM, Daniel Stenberg <[email protected]> wrote: > On Thu, 21 Dec 2017, Dave S via curl-library wrote: >> >> (Sorry for not having responded sooner.) >> >> The certificates for TBD Portal (tbd.tbdservice.com) and MainTBD Portal >>> (*. >>> tbdservice.com) will be updated >>> >> >> I don't see anything I have to do on my development systems -- the >>> browser should handle the certificate update for me, right? >>> >> >> In the case of Firefox it has its own certificate store, the other >> browsers use the operating system's store (on Windows and Mac at least). >> >> But curl typically doesn't use those but instead uses a separate store. >> >> I currently don't do anything explicit about certs, letting libcurl find >>> the system defaults. Do I need to take action, and if so ... what? Or >>> will it all get worked out for me behind the curtain? >>> >> >> It depends. On most linux (like) distros, the OS will keep the cert store >> in shape when you update that, in other situations you may need to update a >> private store every now and then. Possibly from the one we provide on the >> curl site: https://curl.haxx.se/docs/caextract.html >> >> -- >> >> / daniel.haxx.se >> > > > > I've been meaning to update this thread with the results of my support > inquiry. It seems the concern is mainly for server-to-server operations, > which we currently aren't doing, rather than client-to-server. > > quote: > >> There is no need to bundle the certs to supply to the clients. The cert >> is needed if you have an integration such as web services or batch >> processing that uses these endpoints. >> >> If a user has any issues acquiring the cert due to security or OS >> specific, they can visit the site to obtain it. >> >> The only OS that may be of issue is Win10. We found that Microsoft no >> longer includes the standard root certificates with Win10 as they did with >> previous versions. As such new installs of Win10 do not have the root ca >> cert in their keystore. Browsing to a web page that has the root cert will >> add it. >> > end quote > > Dave S > /dps > > > -- > test signature -- please apply at front gate on Tuesdays only. > -- test signature -- please apply at front gate on Tuesdays only.
------------------------------------------------------------------- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html
