CURLOPT_SSL_VERIFYPEER: more clarifications

The default value is 1. curl _uses_ a default CA bundle, it doesn't install one. Drop the references to 7.10 as that is now >8 years old!
2024-12-21 23:58:49 -05:00 · 2011-01-19 13:19:44 +01:00 · 2011-01-19 13:19:44 +01:00 · 4f13340ab8
commit 4f13340ab8
parent b0940753c6
1 changed files with 6 additions and 6 deletions
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@ -1872,19 +1872,19 @@ Force SSLv2
 Force SSLv3
 .RE
 .IP CURLOPT_SSL_VERIFYPEER
-Pass a long as parameter.
+Pass a long as parameter. By default, curl assumes a value of 1.

 This option determines whether curl verifies the authenticity of the peer's
-certificate. A value of 1 means curl verifies; zero means it doesn't.  The
-default is nonzero, but before 7.10, it was zero.
+certificate. A value of 1 means curl verifies; 0 (zero) means it doesn't.

 When negotiating an SSL connection, the server sends a certificate indicating
 its identity.  Curl verifies whether the certificate is authentic, i.e. that
 you can trust that the server is who the certificate says it is.  This trust
 is based on a chain of digital signatures, rooted in certification authority
-(CA) certificates you supply.  As of 7.10, curl installs a default bundle of
-CA certificates and you can specify alternate certificates with the
-\fICURLOPT_CAINFO\fP option or the \fICURLOPT_CAPATH\fP option.
+(CA) certificates you supply.  curl uses a default bundle of CA certificates
+(the path for that is determined at build time) and you can specify alternate
+certificates with the \fICURLOPT_CAINFO\fP option or the \fICURLOPT_CAPATH\fP
+option.

 When \fICURLOPT_SSL_VERIFYPEER\fP is nonzero, and the verification fails to
 prove that the certificate is authentic, the connection fails.  When the