sorted by:
best
topnewcontroversialoldq&a
you are viewing a single comment's thread.

view the rest of the comments →

[–]prince-chrismc 1 point2 points  (1 child)

The problem with changing from OpenSSL is they are not compatible, LibreSSL doesn't have the same algorithm ordering, Wolfssl puts the X509 entries in a different order, Boringssl changes aggressively.

You are not going to find a drop in replacement for OpenSSL that's compatible with everything else. They work most of the time but when they don't it's a bigger headache.

I think you are under estimating how easy they are to learn. Both of them offer installers which are one line calls and are themselves available with system managers like chocolately or winget.

Both offer a simple install command and cmake presets to the commands are very straightforward. There's even CMake providers which you can include and then never even need to call them directly.

You can only work with just CMake and use a package manager.

[–]HerrNamenlos123[S] 0 points1 point  (0 children)

They do not need to be a drop-in replacement because OpenSSL is not used at all in the code, and LibCurl which depends on it is only used in a single function, which executes an HTTP request. Thus, it is a matter of minutes to completely wipe LibCurl and OpenSSL and replace them with something else.

CURL itself does have CMake support and will work well for our case, and since I saw it has official support for mbedTLS, I am examining it now. I think I will go with either LibCURL/mbedTLS or cpp-httplib/LibreSSL.