On Wed, 13 Sep 2006, Marian Cerny wrote:

> when CURLOPT_SSL_VERIFYPEER is set to 0, then validity period of
> certificates is not checked too?

Actually, looking at the code I'm not immediately sure how the period
validation is done, if at all.

I'd be interested to learn as well once you find out!

> Is there an option to verify if the server certificate is not expired, but
> not to verify the authenticity?

No, there's no such option.

> Or it does not give any sense at all?

I don't see how it is any useful to know that the certificate that you don't
care if it is for the right server or not, is outdated.

-- 
  Commercial curl and libcurl Technical Support: http://haxx.se/curl.html