Disabling SSL Verification on std.net.curl
Jon Giddy via Digitalmars-d-learn
digitalmars-d-learn at puremagic.com
Fri May 16 09:51:24 PDT 2014
On Friday, 16 May 2014 at 07:37:33 UTC, Mengu wrote:
> On Friday, 16 May 2014 at 04:58:47 UTC, Jack wrote:
>>
>> std.net.curl.CurlException at std\net\curl.d(3592): problem with
>> the SSL CA cert (path? access rights?) on handle 22D3D68
>>
>> And since I am only using the program by myself for personal
>> things, I was thinking of disabling SSL Verification to stop
>> it from complaining about the cert.
>>
>> So how do I do it?
>
> hi Jack
>
> curl has an option called SSL_VERIFYPEER which is supported by
> etc.c.curl: CurlOption.
While setting SSL_VERIFYPEER = 0 can be useful for quickly
confirming whether CA certificates are causing the problem, and
you seem to be aware of the implications, it is worth
emphasising, particularly for anyone finding this thread through
a search, that setting SSL_VERIFYPEER = 0 reduces the security of
SSL almost to the same point as not using SSL at all!
See Section 10 of "The Most Dangerous Code in the World":
http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf
More information about the Digitalmars-d-learn
mailing list