@justinburke @cesarghali
The code in the above pull request accesses the MacOS keychain and extracts the root certificates from it. The code is designed to pull certs from the system, admin, and user domains and use the trust settings configured in the user domain for each cert. A filter needs to be implemented to remove the distrusted certificates from the full list of certificates.
This code is based on the Golang core x509 package: https://golang.org/src/crypto/x509/root_cgo_darwin.go
The Go code implements a filter, but in order to do the same in C++ requires a different method.
@justinburke @cesarghali
PR: #16246
The code in the above pull request accesses the MacOS keychain and extracts the root certificates from it. The code is designed to pull certs from the system, admin, and user domains and use the trust settings configured in the user domain for each cert. A filter needs to be implemented to remove the distrusted certificates from the full list of certificates.
This code is based on the Golang core x509 package: https://golang.org/src/crypto/x509/root_cgo_darwin.go
The Go code implements a filter, but in order to do the same in C++ requires a different method.