We are now using a good cert for the CrossWire server, but I don’t know if all
SSL services use it yet. I’d be interested if a client has that changed from
false to true would properly work. It shouldn’t allow a self signed cert, which
is what we used to do.
If it doesn’t work, then I’d have to
Looking at the source it looks more like its used for FTP instead :)
https://github.com/bibletime/crosswire-sword-mirror/blob/trunk/src/mgr/curlhttpt.cpp
J
On 18.09.2016 20:55, Greg Hellings wrote:
> https://curl.haxx.se/libcurl/c/CURLOPT_SSL_VERIFYPEER.html
>
> Is curlhttpt.c used for HTTPS? I
https://curl.haxx.se/libcurl/c/CURLOPT_SSL_VERIFYPEER.html
Is curlhttpt.c used for HTTPS? I don't have the source in front of me, but
that name suggests it is only for the raw HTTP connection.
--Greg
On Sep 18, 2016 12:05 PM, "DM Smith" wrote:
> I'll look into it.
>
>
> On Sep 18, 2016, at 11:
I'll look into it.
> On Sep 18, 2016, at 11:20 AM, Jaak Ristioja wrote:
>
> Hi!
>
> In src/mgr/curlhttpt.cpp:
>
>/* Disable checking host certificate */
>curl_easy_setopt(session, CURLOPT_SSL_VERIFYPEER, false);
>
> Why? Afaik this allows the use of self-signed certificates for MiTM
Hi!
In src/mgr/curlhttpt.cpp:
/* Disable checking host certificate */
curl_easy_setopt(session, CURLOPT_SSL_VERIFYPEER, false);
Why? Afaik this allows the use of self-signed certificates for MiTM.
Best regards,
J
___
sword-devel mailing list:
