From: Andy Moreton <andrewjmoreton@gmail.com>
To: emacs-devel@gnu.org
Subject: Re: need help with certificate bundles for ALL the platforms Emacs supports
Date: Sat, 11 Feb 2012 17:22:40 +0000 [thread overview]
Message-ID: <828vk9b7z3.fsf@gmail.com> (raw)
In-Reply-To: 87bop6skyp.fsf@lifelogs.com
On Fri 10 Feb 2012, Ted Zlatanov wrote:
> On Fri, 10 Feb 2012 17:51:45 +0200 Eli Zaretskii <eliz@gnu.org> wrote:
>
>>> From: Ted Zlatanov <tzz@lifelogs.com>
>>> The question is how to obtain one reliably, and all my research leads me
>>> to believe that W32 doesn't have it.
>
> EZ> This URL:
>
> EZ> http://technet.microsoft.com/en-us/library/cc962104.aspx
>
> EZ> and also a few others seem to indicate that each Windows user has
> EZ> his/her certificates in this directory:
>
> EZ> C:\Documents and Settings\<username>\Application Data\Microsoft\SystemCertificates\My\Certificates
>
> EZ> I do have such a directory on my XP box, but it is empty. Meanwhile,
> EZ> the application that is used on Windows to browse certificates does
> EZ> show a long list of certificates I allegedly have on this box.
>
> EZ> On another XP system I did see files in the above directory, but they
> EZ> were binary files, unlike the contents you show:
>
> That's unfortunate. I'll assume for now that on W32 we have to supply
> our own certificate bundle through the GNU ELPA package, until someone
> comes up with a better solution. I think that's acceptable since we're
> simply mimicking Mozilla's CA choices, and we can make incremental
> improvements to gnutls.el as we find out more about each platform.
>
> Thanks!
> Ted
It appears that Windows stores the certificates in the registry - see
"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\SystemCertificates".
I expect that additonal locations are used under the control of group
policy for domain machines etc, and that this data should only be used
via the appropriate APIs.
Cygwin also has a cert bundle in the ca-certificates package - see
http://cygwin.com/packages/ca-certificates/
AndyM
next prev parent reply other threads:[~2012-02-11 17:22 UTC|newest]
Thread overview: 67+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-01-30 2:02 Emacs 24.0.93 Pretest Windows Binaries published Christoph Scholtes
2012-01-30 4:55 ` Drew Adams
2012-01-30 17:47 ` Eli Zaretskii
2012-01-30 18:17 ` [h-e-w] " Drew Adams
2012-01-30 18:57 ` Eli Zaretskii
2012-01-30 19:08 ` Drew Adams
2012-01-30 19:09 ` Eli Zaretskii
2012-01-30 18:49 ` Eli Zaretskii
2012-01-31 14:03 ` Christoph Scholtes
2012-01-31 14:15 ` Drew Adams
2012-02-02 19:22 ` Ted Zlatanov
2012-02-02 19:52 ` Drew Adams
2012-02-02 21:46 ` Ted Zlatanov
2012-02-02 22:05 ` Drew Adams
2012-02-03 13:26 ` Ted Zlatanov
2012-02-03 7:48 ` Eli Zaretskii
2012-02-03 13:23 ` GnuTLS invasion of Emacs (was: Emacs 24.0.93 Pretest Windows Binaries published) Ted Zlatanov
2012-02-03 16:29 ` GnuTLS invasion of Emacs published) Eli Zaretskii
2012-02-03 16:51 ` Ted Zlatanov
2012-02-09 14:16 ` need help with certificate bundles for ALL the platforms Emacs supports (was: GnuTLS invasion of Emacs published)) Ted Zlatanov
2012-02-09 18:53 ` Eli Zaretskii
2012-02-10 13:06 ` need help with certificate bundles for ALL the platforms Emacs supports Ted Zlatanov
2012-02-10 15:51 ` Eli Zaretskii
2012-02-10 16:37 ` Ted Zlatanov
2012-02-11 17:22 ` Andy Moreton [this message]
2012-02-11 17:45 ` Eli Zaretskii
2012-02-12 2:43 ` Ted Zlatanov
2012-02-12 4:05 ` Eli Zaretskii
2012-02-12 13:36 ` Ted Zlatanov
2012-02-13 10:29 ` Andy Moreton
2012-02-13 13:15 ` Ted Zlatanov
2012-02-10 17:11 ` Ted Zlatanov
2012-02-10 18:57 ` Stefan Monnier
2012-02-12 22:13 ` Ted Zlatanov
2012-02-13 3:28 ` Stefan Monnier
2012-02-13 13:24 ` Ted Zlatanov
2012-02-13 15:12 ` Stefan Monnier
2012-02-13 16:30 ` Ted Zlatanov
2012-02-13 21:04 ` Stefan Monnier
2012-02-13 21:54 ` Ted Zlatanov
2012-02-13 21:55 ` Lars Ingebrigtsen
2012-02-13 22:20 ` Stefan Monnier
2012-02-14 0:05 ` Ted Zlatanov
2012-02-14 2:13 ` Stefan Monnier
2012-02-14 2:32 ` Glenn Morris
2012-02-14 13:01 ` Ted Zlatanov
2012-02-03 13:25 ` Emacs 24.0.93 Pretest Windows Binaries published Stefan Monnier
2012-02-03 0:48 ` [h-e-w] " Richard M. Heiberger
2012-02-03 8:12 ` Eli Zaretskii
2012-02-03 10:03 ` Stephen J. Turnbull
2012-02-03 10:31 ` Eli Zaretskii
2012-02-03 13:49 ` Stephen J. Turnbull
2012-02-03 15:44 ` Eli Zaretskii
2012-02-12 4:04 ` Lennart Borgman
2012-02-12 4:08 ` Lennart Borgman
2012-02-12 16:23 ` Eli Zaretskii
2012-02-12 22:19 ` Lennart Borgman
2012-02-13 3:29 ` Stefan Monnier
2012-02-13 3:51 ` Eli Zaretskii
2012-02-13 19:23 ` Lennart Borgman
2012-02-14 22:43 ` Lennart Borgman
-- strict thread matches above, loose matches on Subject: below --
2012-02-13 22:30 need help with certificate bundles for ALL the platforms Emacs supports nyc4bos
2012-02-14 13:14 ` Ted Zlatanov
2012-02-14 14:04 ` Andy Moreton
2012-02-14 15:53 ` Ted Zlatanov
2012-02-16 18:47 ` nyc4bos
2012-02-17 13:06 ` Ted Zlatanov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=828vk9b7z3.fsf@gmail.com \
--to=andrewjmoreton@gmail.com \
--cc=emacs-devel@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).