Crate certitude [] [src]

Functions for validating certificates on many platforms.

Certitude focuses on making it possible to validate a chain of X.509 certificates used for a TLS connection by using the appropriate platform-specific logic, rather than by relying on the TLS library that actually makes the connection. This approach is useful for libraries that want to use OpenSSL build TLS connections on Windows and OS X, but that want to exhibit "platform-native" behaviour on those systems.

Currently Certitude only supports Windows and OS X: it explicitly does not support Linux or any other Unix, where it is expected that the verification logic provided by OpenSSL (or the appropriate TLS library) used on those systems will be used instead. As that library is likely the one responsible for actually handling the TLS logic, it is likely pretty easy to use the built-in validation logic.



Possible results from attempting to validate a certificate chain.



Validate a chain of certificates.