hs-stripe icon indicating copy to clipboard operation
hs-stripe copied to clipboard

Published 20 hours ago verified publisher icon michaelschade

caFile?

Open singpolyma opened this issue 11 years ago • 4 comments

What is supposed to be passed into caFile? The default config says:

-- | Provides a default 'StripeConfig'. Essentially, this inserts the 'SecretKey', but
-- leaves other fields blank. This is especially relavent due to the current
-- CA file check bug.

So is the value not used? How are SSL certificates being checked just now?

singpolyma avatar Feb 14 '14 00:02 singpolyma

'http-conduit' is used underneath and uses tls for TLS. However that handles CAs is probably what's being used here. I'm on my iPhone so I can't validate right now but my guess is that your system CA certs are probably being used. @michaelschade will have to comment on his intention for the config param in this package.

lukehoersten avatar Feb 14 '14 00:02 lukehoersten

I figured out why caFile is vestigial. #2 explains that the param wasn't supported by the Haskell curl lib which was the backend before http-conduits. A pull request would be much appreciated!

lukehoersten avatar Feb 14 '14 00:02 lukehoersten

So it sounds like it could probably be removed from the config completely?

singpolyma avatar Feb 14 '14 21:02 singpolyma

Yeah maybe just remove it until someone wants it. Sometimes you want your http client to use a specific CA cert separate from the system.

lukehoersten avatar Feb 14 '14 21:02 lukehoersten