can either libcurl's SSL/TLS hostname verification, or hostname resolving, be overridden?

Hi folks, My question is at the very end, but let me describe my scenario first. I'm writing a program (using libcurl's multi interface) that needs to have concurrent persistent HTTP connections to the same hostname *but* to different IPs (the hostname in question uses DNS-based load balancing,

Re: Curl ES 60: Invalid certificate chain on MacOS 10.10.3 (Yosemite)

Hi, This snippet from CURLOPT_CAPATH doc might be relevant: If libcurl is built against OpenSSL, the certificate directory must be prepared using the openssl c_rehash utility. HTH, -Vadim On 5/8/15 2:39 AM, Volker Schmid wrote: Hello all, I have a specific problem at a customer. Our

Re: the new site layout went live

Hi, Good to see updates to the web page! A few thoughts after briefly looking at it: 1. The horizontal menu works well on pages where it fits on a single line (e.g., the main page). On pages where the menu is split into two lines, e.g. on .../libcurl/c/, it's a bit 'busy'. In the old vertical

Re: Difference between CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER?

On 7/7/15 10:12 AM, Dr. Roger Cuypers wrote: Greetings, can someone explain me what the difference between CURLOPT_SSL_VERIFYHOST and CURLOPT_SSL_VERIFYPEER is in the context of a client program? For a client, the host and the peer are both the server. The only difference I can make out at

documentation bug: wrong example reference for CURLOPT_SSL_CTX_FUNCTION

Hi, I noticed that the documentation page https://curl.haxx.se/libcurl/c/CURLOPT_SSL_CTX_FUNCTION.html has the following text (emphasis mine): For example, you can use this function to call library-specific callbacks to add additional validation code for certificates, and even to

Re: stop shipping PDF and HTML versions in tarballs?

On 10/10/16 2:41 AM, Daniel Stenberg wrote: Hi friends! Do the HTML and PDF versions of our man pages that we ship in every tarball provide any value to you? I usually use the online docs on the web site. HTML could be useful if my net connection is down (admittedly, that's a corner case).

a couple of questions re CURLOPT_RESOLVE

Hi, I'm looking to make use of CURLOPT_RESOLVE, and would like to get a couple clarifications on its semantics. The basic question is this: is the list that the application provides as the argument to CURLOPT_RESOLVE treated as incremental updates to an internal DNS cache, or is it

Re: CURLOPT_SSL_VERIFYHOST with raw IP addresses

On 1/31/19 9:43 AM, Martin Galvan via curl-library wrote: > Hi all, > > My application is currently setting CURLOPT_SSL_VERIFYHOST to 2 in > order to enable cert identity verification. However, I saw that > passing the remote host's IP address to libcurl (as opposed to the > hostname) results on

configure script does not handle --with-darwinssl correctly?

Hi, I've been trying to get curl to build on a Mac (11.4/Big Sur) with Secure Transport support, and ran into what I believe is surprising behavior of curl's configure script. The configure script is invoked with the "--with-darwinssl" option, but then the message below is shown, and curl

Re: configure script does not handle --with-darwinssl correctly?

On 6/6/21 6:13 AM, Daniel Stenberg wrote: On Sun, 6 Jun 2021, Vadim Grinshpun via curl-library wrote: The docs <https://urldefense.com/v3/__https://curl.se/docs/install.html__;!!GjvTz_vk!Cu6SzIWdizDPzZRSzqY5i0qJTYT3ZS4c3Tu-CKX8uYb4g31qeN995joUW48iBc8$ > seem to indicate that --with-dar