From 72a2f253562d890ab2174ededc1e8149f8ff243f Mon Sep 17 00:00:00 2001
From: Keeqler <33733651+Keeqler@users.noreply.github.com>
Date: Wed, 15 Oct 2025 17:21:16 -0300
Subject: [PATCH] Add support for providing CA file for SSL verification

---
 src/wallet.cpp | 26 ++++++++++++++++++++++++++
 src/wallet.h   |  2 ++
 2 files changed, 28 insertions(+)

diff --git a/src/wallet.cpp b/src/wallet.cpp
index d000965..b503abb 100644
--- a/src/wallet.cpp
+++ b/src/wallet.cpp
@@ -814,6 +814,27 @@ namespace lwsf { namespace internal
         else
           url.port = 80;
       }
+
+      // Configure SSL certificate verification
+      if (options.support != epee::net_utils::ssl_support_t::e_ssl_support_disabled)
+      {
+        bool ca_file_valid = !ca_file_path_.empty() && std::filesystem::exists(ca_file_path_);
+        
+        if (ca_file_valid) {
+          try {
+            options = epee::net_utils::ssl_options_t(
+              std::vector<std::vector<std::uint8_t>>{},
+              ca_file_path_
+            );
+            options.verification = epee::net_utils::ssl_verification_t::user_ca;
+          } catch (const std::exception& e) {
+            options.verification = epee::net_utils::ssl_verification_t::system_ca;
+          }
+        } else {
+          options.verification = epee::net_utils::ssl_verification_t::system_ca;
+        }
+      }
+
       data_->client.set_server(std::move(url.host), std::to_string(url.port), std::move(login), std::move(options));
     }
     catch (const std::exception& e)
@@ -886,6 +907,11 @@ namespace lwsf { namespace internal
     return true;
   }
 
+  void wallet::setCaFilePath(const std::string &path)
+  {
+    ca_file_path_ = path;
+  }
+
   uint64_t wallet::balance(const uint32_t accountIndex) const
   {
     const boost::lock_guard<boost::mutex> lock{data_->sync};
diff --git a/src/wallet.h b/src/wallet.h
index c29aced..0d61846 100644
--- a/src/wallet.h
+++ b/src/wallet.h
@@ -62,6 +62,7 @@ namespace internal
     const std::string filename_;
     std::string password_;
     std::string language_;
+    std::string ca_file_path_;
     std::deque<std::function<std::error_code()>> work_queue_;
     mutable std::string exception_error_;
     mutable std::error_code error_;
@@ -267,6 +268,7 @@ namespace internal
     virtual void setTrustedDaemon(bool) override {} 
     virtual bool trustedDaemon() const override { return true; }
     virtual bool setProxy(const std::string &address) override;
+    void setCaFilePath(const std::string &path);
     virtual uint64_t balance(uint32_t accountIndex = 0) const override;
     virtual uint64_t unlockedBalance(uint32_t accountIndex = 0) const override;