Adam Thompson <[email protected]> writes: > Sorry for the late post (think I've missed the cut off), > but I just found that I'm unable to disable ssl certificate verification with > edbrowse when built on my work debian sid system.
Well, you missed the cutoff, but so did I. If you think you can figure out what is going on, I'm more than willing to hold off until we know more. I have a suspicion. There's a second option related to SSL certificate verification that is always set to true. It is CURLOPT_VERIFYHOST. CURLOPT_VERIFYPEER checks to see that the certificate is signed by a recognized certificate authority. CURLOPT_VERIFYHOST checks that the hostname given in the certificate is the same as the hostname that you are connecting to. And these are separate checks. For our purposes, they probably don't need to be. So the open question is whether CURLOPT_VERIFYHOST should always match CURLOPT_VERIFYPEER? -- Chris as _______________________________________________ Edbrowse-dev mailing list [email protected] http://lists.the-brannons.com/mailman/listinfo/edbrowse-dev
