Flexibility in SSL validations

Nov 6, 2015 at 12:52 PM
Hi,
Just wanted to know how much flexibility is currently available or planned for future regarding SSL validations in the C++ Rest SDK.
We could find the provision to disable certificate validation and to get the native HTTP handler.

I'm interested in knowing answers to these questions, if you could please help:
1) Are there ways in the SDK to use our custom certificate validation store? (assuming it uses OS' store by default)
2) The SDK appears to treat sites having 'Revoked' certificates as valid for the time-being. Please confirm this. Is there an option to toggle this?
3) For us, one way to use our own certificate validation is to disable validation in http_client_config and set the native request handle callback. When the callback is called, we can check the server certificate with our own store. In this option, I just have 1 query. If the certificate validation fails, how do we fail the HTTPS request from inside the callback function? Can we throw exceptions which propagate to the caller of request()?

Thanks for the help in advance1
Nov 17, 2015 at 9:00 AM
Hi Guys,
Please help.