https://linux.die.net/man/1/curl
-k/--insecure(SSL) This option explicitly allows curl to perform "insecure" SSL connections and transfers. All SSL connections are attempted to be made secure by using the CA certificate bundle installed by default. This makes all connections considered "insecure" fail unless *-k/--insecure* is used. In short, curl will still make encrypted SSL/TLS connections at supported protocol versions (some servers and companies will still fall back to earlier standards). The encrypted/decrypted communication is considered insecure because the trust portion of the protocol is bypassed. And yes Ralf, if the servers or companies have strict security standards requiring newer protocol versions, then curl will fail or will eventually fail to communicate with them. This is why the proxy support is a better solution today. The system hosting the proxy can be newer and support the newest security standards for older systems. On Sat, Aug 5, 2023 at 12:50 PM Ralf Quint <freedos...@gmail.com> wrote: > On 8/5/2023 12:37 PM, Louis Santillan wrote: > > zerofive, you did not provide us actual error messages. We can only > > speculate. > > > > At least with curl on Linux, you can bypass cert checks with “-k”. If > > you still believe it’s certs and you have a known good certificate and > > private key, you pass them as “--cert” and “--key”, respectively. > > wget has similar arguments as well. > The general problem here is, as I already mentioned, more likely the > lack of support of current encryption protocols rather than the use of > any certificate by those protocols. > > And any bypass you mentioned is likely just a way to fall back to > unencrypted http, which more and more sites these days simply do not > support anymore. > > > Ralf > > >
_______________________________________________ Freedos-user mailing list Freedos-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/freedos-user
