aboutsummaryrefslogtreecommitdiff
path: root/docs/libcurl
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2011-01-19 13:19:44 +0100
committerDaniel Stenberg <daniel@haxx.se>2011-01-19 13:19:44 +0100
commit4f13340ab8be7baa0fe6210bb3a19b8994875fd8 (patch)
treed731ae4d86af9aefb4143b8493543c7907e921da /docs/libcurl
parentb0940753c6139a77690138bcd557a7f57d3b2e5f (diff)
CURLOPT_SSL_VERIFYPEER: more clarifications
The default value is 1. curl _uses_ a default CA bundle, it doesn't install one. Drop the references to 7.10 as that is now >8 years old!
Diffstat (limited to 'docs/libcurl')
-rw-r--r--docs/libcurl/curl_easy_setopt.312
1 files changed, 6 insertions, 6 deletions
diff --git a/docs/libcurl/curl_easy_setopt.3 b/docs/libcurl/curl_easy_setopt.3
index e6e412305..95772d2e3 100644
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -1872,19 +1872,19 @@ Force SSLv2
Force SSLv3
.RE
.IP CURLOPT_SSL_VERIFYPEER
-Pass a long as parameter.
+Pass a long as parameter. By default, curl assumes a value of 1.
This option determines whether curl verifies the authenticity of the peer's
-certificate. A value of 1 means curl verifies; zero means it doesn't. The
-default is nonzero, but before 7.10, it was zero.
+certificate. A value of 1 means curl verifies; 0 (zero) means it doesn't.
When negotiating an SSL connection, the server sends a certificate indicating
its identity. Curl verifies whether the certificate is authentic, i.e. that
you can trust that the server is who the certificate says it is. This trust
is based on a chain of digital signatures, rooted in certification authority
-(CA) certificates you supply. As of 7.10, curl installs a default bundle of
-CA certificates and you can specify alternate certificates with the
-\fICURLOPT_CAINFO\fP option or the \fICURLOPT_CAPATH\fP option.
+(CA) certificates you supply. curl uses a default bundle of CA certificates
+(the path for that is determined at build time) and you can specify alternate
+certificates with the \fICURLOPT_CAINFO\fP option or the \fICURLOPT_CAPATH\fP
+option.
When \fICURLOPT_SSL_VERIFYPEER\fP is nonzero, and the verification fails to
prove that the certificate is authentic, the connection fails. When the