💾 Archived View for tilde.town › ~tickletickle › blog › 2021-02-06.gmi captured on 2023-09-08 at 15:47:19. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
I spent some time writing my own gemini server and client.
It features some basic functionnality, actually just enough to write a file server with an atom feed.
Yet, I counldn't figure out how to allow trusting self-signed certificates that we have already seen.
The thing is that after the TLS handshake, it's only possible to retrieve validated certificates for inspection.
So either you don't validate certificates at all but cannot have a look at self-signed certificates, or
you validate certificates against the central authority and self-signed certificates will not pass.
What a pity... I might end up having to tap the openssl library directly to go over the certificate
handling code, just like in the foundation library used in Lagrange.