-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tuesday 03 June 2003 14:45, Hans H. Anderson wrote:
> I know it seems strange, but I have a need to run CURL against localhost
> in SSL mode. I just upgraded to 7.10.4 and I can't do this anymore. I'm
> getting exit code 51, which means the certificate doesn't match the domain
> (it's looking for the real domain, not localhost).
>
> Is there any danger to using the '-k' switch to connect w/o certs? It
> will still be encrypted, right?

- -k skips all peer certificate checking. For curl versions prior to 7.10 that
was the default. I think, that is good for you. If you only want to avoid
host name vs. peer certificate common name checking you can try my patch
http://curl.haxx.se/mail/archive-2003-06/0003.html. Then the peer certificate
is checked for a valid signer, expiration etc.

Torsten
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE+3J7owicyCTir8T4RAnJtAJ93p9agHEzQZKQJIGXOhUzAekvCKQCcDeuy
mB0K7Atf+FoQh336E7CaHsA=
=MOGN
-----END PGP SIGNATURE-----

-------------------------------------------------------
This SF.net email is sponsored by: eBay
Get office equipment for less on eBay!
http://adfarm.mediaplex.com/ad/ck/711-11697-6916-5
Received on 2003-06-03