On 9 Sep 2004, at 17:12, Frank Leahy wrote:
Interesting. Anyone know if getting this error will preclude data being returned from the https connection? For example, I can imagine having a web server where I didn't bother getting a Verisign (or other) certificate, but I still wanted to get and put data over an https connection.
-- Frank
Yes. Right now it will prevent you doing this if you go via libUrl.
libUrl uses "open secure socket ... with verification", which requires a certificate.
However, it shouldn't be too hard to add something to libUrl which allows you to use "without verification". perhaps a "switch command" such as libUrlSetSSLVerification <true|false> with the default being true.
Of course, anyone using this would have to be careful. I could imagine a faulty implementation like this:
verification fails application asks user if he/she wants to continue without verification application switches off verification and completes request application *forgets* to switch it back on again all future https requests are unverified end of civilisation
Cheers Dave
_______________________________________________ use-revolution mailing list [EMAIL PROTECTED] http://lists.runrev.com/mailman/listinfo/use-revolution
