Hi Ángel, Ángel González <[email protected]> writes:
> What about adding a hint about providing the self-signed as trusted? > > Something like: >> diff --git a/doc/wget.texi b/doc/wget.texi >> index 64cb056..f3925ca 100644 >> --- a/doc/wget.texi >> +++ b/doc/wget.texi >> @@ -1725,9 +1725,12 @@ this option to bypass the verification and >> proceed with the download. >> site's authenticity, or if you really don't care about the validity of >> its certificate.} It is almost always a bad idea not to check the >> certificates when transmitting confidential or important data. >> -If you are really sure of what you are doing, you can specify >> ---check-certificate=quiet to tell wget to not print any warning about >> -invalid certificates, in most cases this is the wrong thing to do. >> +For self-signed/internal certificates, you should download the >> certificate >> +and verify against that instead of forcing this insecure mode. >> +If you are really sure of not desiring any certificate verification, you >> +can specify --check-certificate=quiet to tell wget to not print any >> +warning about invalid certificates, albeit in most cases this is the >> +wrong thing to do. thanks for the suggestion, it looks fine to me. I already pushed the patch, could you prepare a new one that adds this part? Regards, Giuseppe
