Difference between revisions of "KSSL"
Jump to navigation
Jump to search
(Created KSSL page, added some bits about root certs) |
m (minor fixes/additions) |
||
| Line 1: | Line 1: | ||
[[Category:Developers]] |
[[Category:Developers]] |
||
| ⚫ | |||
| + | __TOC__ |
||
| ⚫ | |||
= Architecture = |
= Architecture = |
||
| ⚫ | |||
| − | |||
| ⚫ | |||
== Root Certificates == |
== Root Certificates == |
||
| − | |||
Root certificates (which can be used for verifying websites, e-mail or signatures) are stored for convenience in two files, <tt>ksslcalist</tt> and <tt>ca-bundle.crt</tt>. The first one is a TDE configuration file (that is, it has ini-like structure and can be accessed by the <tt>TDEConfig</tt> class) and the second one is a simple text file, containing a bunch of X.509 certificates for website verification. The certificates in this file are a subset of <tt>ksslcalist</tt> and, despite being packaged, can be regenerated by KSSLD after a modification of the system <tt>ksslcalist</tt> file takes place ([https://mirror.git.trinitydesktop.org/gitea/TDE/tdelibs/src/branch/r14.0.x/tdeio/misc/kssld/kssld.cpp#L559 see here]). |
Root certificates (which can be used for verifying websites, e-mail or signatures) are stored for convenience in two files, <tt>ksslcalist</tt> and <tt>ca-bundle.crt</tt>. The first one is a TDE configuration file (that is, it has ini-like structure and can be accessed by the <tt>TDEConfig</tt> class) and the second one is a simple text file, containing a bunch of X.509 certificates for website verification. The certificates in this file are a subset of <tt>ksslcalist</tt> and, despite being packaged, can be regenerated by KSSLD after a modification of the system <tt>ksslcalist</tt> file takes place ([https://mirror.git.trinitydesktop.org/gitea/TDE/tdelibs/src/branch/r14.0.x/tdeio/misc/kssld/kssld.cpp#L559 see here]). |
||
Latest revision as of 15:03, 3 February 2022
KSSL is a TDE library which provides a wrapper around OpenSSL. KSSL is part of TDEIO and included in the standard TDE libraries (tdelibs).
Architecture
Tip
This section contains various technical notes about specific points in the architecture of KSSL. Expand as you see fit.Root Certificates
Root certificates (which can be used for verifying websites, e-mail or signatures) are stored for convenience in two files, ksslcalist and ca-bundle.crt. The first one is a TDE configuration file (that is, it has ini-like structure and can be accessed by the TDEConfig class) and the second one is a simple text file, containing a bunch of X.509 certificates for website verification. The certificates in this file are a subset of ksslcalist and, despite being packaged, can be regenerated by KSSLD after a modification of the system ksslcalist file takes place (see here).