In the absence of a ca_file or ca_dir, libmongoc falls back to loading the system CA store on Windows via _mongoc_openssl_import_cert_stores(). This should incorporate CERT_STORE_READONLY_FLAG in case the current user does not have full access to the store.
bjori already has a patch for this in mongodb/mongo-php-library#313, which also improves error reporting should the CA store still fail to open properly.
- is depended on by
-
PHPC-881 Windows CA stores should be opened with read-only flag
- Closed
- related to
-
SERVER-27592 Windows Certificate Store must be opened read-only
- Closed
-
TOOLS-2158 mongodump failing on Windows with "error opening system CA store: Access is denied."
- Closed
- links to