Mercurial > hg > orthanc-book

view Sphinx/source/faq/https-ca-certificates.rst @ 1194:c717ee80e8d9 default tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
updated citations
author Sebastien Jodogne <s.jodogne@gmail.com>
date Mon, 01 Sep 2025 07:48:44 +0200
parents 529cea35b08f
children
line wrap: on
line source

.. _https-ca-certificates:


How to configure the HttpsCACertificates parameter?
===================================================

In somes cases, Orthanc may have to query some third-party services
thanks to HTTPS requests (distant :ref:`DICOMweb server <dicomweb>`, 
:ref:`object storage <object-storage>`,...).

Orthanc relies on `cURL <https://curl.se/>`_ for such queries.

Starting with Orthanc 1.12.6 and provided that Orthanc has been built with
libcurl > 8.2.0, if ``HttpsCACertificates`` is left empty in the Orthanc
configuration file, Orthanc uses the operating system native CA store to
validate the certificates received from the distant servers (cURL
"--ca-native" option). In most of the setups, this is perfectly fine and 
the servers certificates are validated correctly.

However, one could face some troubles, especially on Microsoft Windows
setups.

To fix them, download the CA certificate store (in PEM format) from the
`cURL project <https://curl.haxx.se/docs/caextract.html>`__.

.. highlight:: json

And then, store it on the drive and modify your configuration file according to
(file path to adapt)::

  {
    "HttpsCACertificates" : "C:\\Program Files\\Orthanc Server\\resources\\cacert.pem"
  }

.. highlight:: text