6 files changed, 83 insertions, 6 deletions
diff --git a/src/CMakeLists.txt b/src/CMakeLists.txt
index b7b05796..be587533 100644
--- a/src/CMakeLists.txt
+++ b/src/CMakeLists.txt
@@ -118,6 +118,7 @@ if (APPLICATION_BUILD)
     # Copy Resource Files
     file(COPY ${CMAKE_SOURCE_DIR}/resource/css DESTINATION ${RESOURCE_OUTPUT_DIRECTORY}/ FOLLOW_SYMLINK_CHAIN)
     file(COPY ${CMAKE_SOURCE_DIR}/resource/icons DESTINATION ${RESOURCE_OUTPUT_DIRECTORY}/ FOLLOW_SYMLINK_CHAIN)
+    file(COPY ${CMAKE_SOURCE_DIR}/resource/certs DESTINATION ${RESOURCE_OUTPUT_DIRECTORY}/ FOLLOW_SYMLINK_CHAIN)
     file(COPY ${CMAKE_SOURCE_DIR}/TRANSLATORS DESTINATION ${RESOURCE_OUTPUT_DIRECTORY} FOLLOW_SYMLINK_CHAIN)
     if (GPG_STANDALONE_MODE)
         file(COPY ${CMAKE_SOURCE_DIR}/resource/gpg1.4 DESTINATION ${RESOURCE_OUTPUT_DIRECTORY}/ FOLLOW_SYMLINK_CHAIN)
diff --git a/src/init.cpp b/src/init.cpp
index 4f441c29..e774ab6e 100644
--- a/src/init.cpp
+++ b/src/init.cpp
@@ -23,9 +23,34 @@
  */
 
 #include <boost/date_time.hpp>
+#include <vmime/vmime.hpp>
 
 #include "ui/settings/GlobalSettingStation.h"
 
+vmime::shared_ptr<vmime::security::cert::X509Certificate> load_x509_cert(
+    const boost::filesystem::path& path) {
+  auto out_buffer = GpgFrontend::read_all_data_in_file(path.string());
+  auto cert = vmime::security::cert::X509Certificate::import(
+      reinterpret_cast<const vmime::byte_t*>(out_buffer.data()),
+      out_buffer.size());
+  return cert;
+}
+
+std::vector<boost::filesystem::path> get_files_of_directory(
+    const boost::filesystem::path& _path) {
+  namespace fs = boost::filesystem;
+  std::vector<fs::path> path_list;
+  if (!_path.empty()) {
+    fs::recursive_directory_iterator end;
+
+    for (fs::recursive_directory_iterator i(_path); i != end; ++i) {
+      const fs::path cp = (*i);
+      path_list.push_back(cp);
+    }
+  }
+  return path_list;
+}
+
 void init_logging() {
   using namespace boost::posix_time;
   using namespace boost::gregorian;
@@ -49,7 +74,20 @@ void init_logging() {
 
   el::Loggers::reconfigureLogger("default", defaultConf);
 
-  LOG(INFO) << _("Logfile Path") << logfile_path;
+  LOG(INFO) << _("logfile Path") << logfile_path;
+}
+
+void init_certs() {
+  std::vector<vmime::shared_ptr<vmime::security::cert::X509Certificate>>
+      root_certs;
+  auto cert_file_paths = get_files_of_directory(
+      GpgFrontend::UI::GlobalSettingStation::GetInstance().GetCertsDir());
+  for (const auto& cert_file_path : cert_file_paths) {
+    auto _cert = load_x509_cert(cert_file_path);
+    root_certs.push_back(_cert);
+  }
+  LOG(INFO) << _("root certs loaded") << root_certs.size();
+  GpgFrontend::UI::GlobalSettingStation::GetInstance().SetRootCerts(root_certs);
 }
 
 void init_locale() {
@@ -72,7 +110,7 @@ void init_locale() {
   // read from settings file
   std::string lang;
   if (!general.lookupValue("lang", lang)) {
-    LOG(ERROR) << _("Could not read properly from configure file");
+    LOG(ERROR) << _("could not read properly from configure file");
   };
 
   LOG(INFO) << "lang from settings" << lang;
diff --git a/src/main.cpp b/src/main.cpp
index fa4195ce..3df26886 100644
--- a/src/main.cpp
+++ b/src/main.cpp
@@ -40,6 +40,7 @@ INITIALIZE_EASYLOGGINGPP
 jmp_buf recover_env;
 
 extern void init_logging();
+extern void init_certs();
 extern void init_locale();
 extern void handle_signal(int sig);
 
@@ -64,9 +65,12 @@ int main(int argc, char* argv[]) {
   QApplication::setAttribute(Qt::AA_UseHighDpiPixmaps);
 #endif
 
-  // logging system
+  // config logging system
   init_logging();
 
+  // root certs for tls connection
+  init_certs();
+
   // App config
   QApplication::setApplicationVersion(BUILD_VERSION);
   QApplication::setApplicationName(PROJECT_NAME);
diff --git a/src/ui/CMakeLists.txt b/src/ui/CMakeLists.txt
index 3ec2eb3e..e9e88104 100644
--- a/src/ui/CMakeLists.txt
+++ b/src/ui/CMakeLists.txt
@@ -15,15 +15,16 @@ if (SMTP_SUPPORT)
     aux_source_directory(./smtp UI_SOURCE)
 endif ()
 
-find_library(libvmime NAMES libvmime.a)
+
 add_library(gpgfrontend_ui STATIC ${UI_SOURCE})
 set(GPGFRONTEND_UI_LIB_NAME gpgfrontend_ui)
 # link Qt
 target_link_libraries(${GPGFRONTEND_UI_LIB_NAME}
         Qt5::Network Qt5::PrintSupport Qt5::Widgets Qt5::Test Qt5::Core)
 # link vmime
+find_library(libvmime NAMES libvmime.a)
 target_link_libraries(${GPGFRONTEND_UI_LIB_NAME}
-        ${libvmime})
+        ${libvmime} anl ssl crypto)
 target_include_directories(gpgfrontend_ui PUBLIC
         ${CMAKE_CURRENT_BINARY_DIR}/${GPGFRONTEND_UI_LIB_NAME}_autogen/include)
 
diff --git a/src/ui/settings/GlobalSettingStation.cpp b/src/ui/settings/GlobalSettingStation.cpp
index e88de93b..43534926 100644
--- a/src/ui/settings/GlobalSettingStation.cpp
+++ b/src/ui/settings/GlobalSettingStation.cpp
@@ -24,6 +24,8 @@
 
 #include "GlobalSettingStation.h"
 
+#include <vmime/vmime.hpp>
+
 std::unique_ptr<GpgFrontend::UI::GlobalSettingStation>
     GpgFrontend::UI::GlobalSettingStation::_instance = nullptr;
 
@@ -48,7 +50,10 @@ void GpgFrontend::UI::GlobalSettingStation::Sync() noexcept {
   }
 }
 
-GpgFrontend::UI::GlobalSettingStation::GlobalSettingStation() noexcept {
+GpgFrontend::UI::GlobalSettingStation::GlobalSettingStation() noexcept
+    : default_certs_verifier_(
+          vmime::make_shared<
+              vmime::security::cert::defaultCertificateVerifier>()) {
   using namespace boost::filesystem;
   using namespace libconfig;
 
@@ -92,3 +97,9 @@ GpgFrontend::UI::GlobalSettingStation::GlobalSettingStation() noexcept {
     }
   }
 }
+
+void GpgFrontend::UI::GlobalSettingStation::SetRootCerts(
+    const std::vector<
+        vmime::shared_ptr<vmime::security::cert::X509Certificate>>& certs) {
+  default_certs_verifier_->setX509RootCAs(certs);
+}
diff --git a/src/ui/settings/GlobalSettingStation.h b/src/ui/settings/GlobalSettingStation.h
index a89bf32d..0838dfa4 100644
--- a/src/ui/settings/GlobalSettingStation.h
+++ b/src/ui/settings/GlobalSettingStation.h
@@ -31,6 +31,11 @@
 #include "GpgFrontendBuildInstallInfo.h"
 #include "ui/GpgFrontendUI.h"
 
+namespace vmime::security::cert {
+class defaultCertificateVerifier;
+class X509Certificate;
+}  // namespace vmime::security::cert
+
 namespace GpgFrontend::UI {
 
 class GlobalSettingStation : public QObject {
@@ -68,6 +73,20 @@ class GlobalSettingStation : public QObject {
     return app_resource_path;
   }
 
+  [[nodiscard]] boost::filesystem::path GetCertsDir() const {
+    return app_resource_path / "certs";
+  }
+
+  [[nodiscard]] std::shared_ptr<
+      vmime::security::cert::defaultCertificateVerifier>
+  GetCertVerifier() const {
+    return default_certs_verifier_;
+  }
+
+  void SetRootCerts(
+      const std::vector<
+          std::shared_ptr<vmime::security::cert::X509Certificate>>& certs);
+
   void Sync() noexcept;
 
  private:
@@ -113,6 +132,9 @@ class GlobalSettingStation : public QObject {
 
   libconfig::Config ui_cfg;
 
+  std::shared_ptr<vmime::security::cert::defaultCertificateVerifier>
+      default_certs_verifier_;
+
   static std::unique_ptr<GlobalSettingStation> _instance;
 };
 }  // namespace GpgFrontend::UI