generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

CURLOPT_SSL_VERIFYPEER.3. add a warning about disabling it

Browse Source
This commit is contained in:
Daniel Stenberg 2014-08-02 23:09:22 +02:00
parent 8da2124060
commit e4f6adb023
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
docs/libcurl/opts/CURLOPT_SSL_VERIFYPEER.3
View File

@ -51,6 +51,12 @@ typically also want to ensure that the server is the server you mean to be
talking to. Use \fICURLOPT_SSL_VERIFYHOST(3)\fP for that. The check that the talking to. Use \fICURLOPT_SSL_VERIFYHOST(3)\fP for that. The check that the
host name in the certificate is valid for the host name you're connecting to host name in the certificate is valid for the host name you're connecting to
is done independently of the \fICURLOPT_SSL_VERIFYPEER(3)\fP option. is done independently of the \fICURLOPT_SSL_VERIFYPEER(3)\fP option.
WARNING: disabling verification of the certificate allows bad guys to
man-in-the-middle the communication without you knowing it. Disabling
verification makes the communication insecure. Just having encryption on a
transfer is not enough as you cannot be sure that you are communicating with
the correct end-point.
.SH DEFAULT .SH DEFAULT
By default, curl assumes a value of 1. By default, curl assumes a value of 1.
.SH PROTOCOLS .SH PROTOCOLS