On 1/24/19 4:27 PM, Matthias Rebbe via use-livecode wrote:
Am 24.01.2019 um 21:11 schrieb J. Landman Gay via use-livecode
<use-livecode@lists.runrev.com <mailto:use-livecode@lists.runrev.com>>:
On Jan 24, 2019, at 03:31 , Matthias Rebbe via
use-livecode<use-livecode@lists.runrev.com
<mailto:use-livecode@lists.runrev.com>> wrote:
i do not know what might be the reason, but when i run into problems with sftp
or https connections i disable
SSL peer certificate verification with
tsNetVerifySSLPeer false
just to see if it´s working without verification of the SSL peer certificate.
I've had a problem in the past where a certificate fails in the hops between
the client and the server. (At least, I think that was the problem.) I had to
set libURLSetSSLVerification to false, which isn't safe but allows all
connections to work.
How does tsNetVerifySSLPeer compare to libURLSetSSLVerification? Is
verification of peers different from verification of all certificates?
For community edition libURLSetSSLVerfication is the only way to disable the
SSL Verification.
In Indy and Business i think you can use both, because LibURL library contains
a tsNet wrapper, so that if tsNET is available,then libURL uses tsNet instead
of the normal liburl script. That´s how i understood how liburl and tsNet work
together.
But i think Charles Warwick could explain it better. ;) He wrote the wrapper
in liburl.
I'm using the Business edition so I can use either command. But my main
question is whether it is possible to ignore intermediate SSL
certificates while still verifying the target server certificate. Or
would that be unsafe too?
--
Jacqueline Landman Gay | jac...@hyperactivesw.com
HyperActive Software | http://www.hyperactivesw.com
_______________________________________________
use-livecode mailing list
use-livecode@lists.runrev.com
Please visit this url to subscribe, unsubscribe and manage your subscription
preferences:
http://lists.runrev.com/mailman/listinfo/use-livecode