database


Description:

[ Version ( since = "2.30" ) ]
public TlsDatabase database { get; set; }

The certificate database to use when verifying this TLS connection.

If no certificate database is set, then the default database will be used. See get_default_database.

When using a non-default database, TlsConnection must fall back to using the TlsDatabase to perform certificate verification using verify_chain, which means certificate verification will not be able to make use of TLS session context. This may be less secure. For example, if you create your own TlsDatabase that just wraps the default TlsDatabase, you might expect that you have not changed anything, but this is not true because you may have altered the behavior of TlsConnection by causing it to use verify_chain. See the documentation of verify_chain for more details on specific security checks that may not be performed. Accordingly, setting a non-default database is discouraged except for specialty applications with unusual security requirements.