mirror of
https://github.com/moparisthebest/curl
synced 2024-12-21 15:48:49 -05:00
mention what kind of error you may get if this is not followed
This commit is contained in:
parent
c05dae4a68
commit
5627cf7167
16
SSLCERTS
16
SSLCERTS
@ -26,10 +26,14 @@ included in the bundle, then you need to do one of the following:
|
||||
|
||||
With the curl command tool: --cacert [file]
|
||||
|
||||
This upgrade procedure has been deemed The Right Thing even though it adds
|
||||
this extra trouble for some users, since it adds security to a majority of the
|
||||
SSL connections that previously weren't really secure.
|
||||
Neglecting to use one of the above menthods when dealing with a server using a
|
||||
certficate that isn't signed by one of the certficates in the installed CA
|
||||
cert bundle, will cause SSL to report an error ("certificate verify failed")
|
||||
during the handshake and SSL will then refuse further communication with that
|
||||
server.
|
||||
|
||||
It turned out many people were using previous versions of curl/libcurl without
|
||||
realizing the need for the CA cert options to get truly secure SSL
|
||||
connections.
|
||||
This procedure has been deemed The Right Thing even though it adds this extra
|
||||
trouble for some users, since it adds security to a majority of the SSL
|
||||
connections that previously weren't really secure. It turned out many people
|
||||
were using previous versions of curl/libcurl without realizing the need for
|
||||
the CA cert options to get truly secure SSL connections.
|
||||
|
Loading…
Reference in New Issue
Block a user