I've attached a patch for a change to the SSL certificate documentation. I'd like to propose two changes:
1. The NSS certificate documentation had several typos and grammatical errors. I tried to iron them out. 2. The documentation mentions SSL certificate bundles, but doesn't mention that the schannel and darwinssl engines don't use SSL certificate bundles; they use the certificates that are in the Internet Options control panel (schannel) or the Keychain (darwinssl). I added documentation for both of them. Comments? Corrections? Objections? Blessings for committing? I also couldn't help but notice that the current lib/curl_schannel.c code returns CURLE_SSL_CONNECT_ERROR instead of CURLE_SSL_CACERT if there was a certificate-related error during the TLS/SSL handshake. Why CURLE_SSL_CONNECT_ERROR? I thought CURLE_SSL_CACERT was the correct return value if there was a certificate problem with the site, but I could be wrong. Nick Zitzmann <http://www.chronosnet.com/>
sslcerts.patch
Description: Binary data
------------------------------------------------------------------- List admin: http://cool.haxx.se/list/listinfo/curl-library Etiquette: http://curl.haxx.se/mail/etiquette.html
