At 12:38 AM 12/3/2002 -0600, you wrote:
>A change was made between 7.9.8 and 7.10 that affected the way
>certificates are
>handled. Here's the note from the CHANGES file in the source:
><snip>
> The curl tool now requires the -k/--insecure option in order to allow
> connections and operations on SSL sites that aren't properly
> verified with
> -cafile or --capath. ...

Fantastic! Thanks for the info. I'm still somewhat unclear on what kind
of security risk one introduces by using -k, though. Is there a risk of
someone faking your cert somehow? As you may see, I'm paranoid about these
things of which I know little. :)

>That might make a difference. If your server admins are keen to help,
>maybe you
>could get them to do what I do here, which is to install each version of
>curl in
>its own directory instead of load it into the general hierarchy: <snip>

Great advice, thanks! I like that a lot for a lot of applications. I'll
read up on the bennies of 7.10+ and decide if it's worth asking them to do
this for me. Some of this stuff is a bit too close to the "core" of the
Web server for my comfort, so they've been nice enough to help me out.

Thanks for the help!
Regards,
Paul Hoza

-------------------------------------------------------
This SF.net email is sponsored by: Get the new Palm Tungsten T
handheld. Power & Color in a compact size!
http://ads.sourceforge.net/cgi-bin/redirect.pl?palm0002en
Received on 2002-12-03