summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Stenberg <daniel@haxx.se>2017-03-08 09:15:53 +0100
committerDaniel Stenberg <daniel@haxx.se>2017-03-08 09:17:32 +0100
commit324bf2fd369232a134de44837d121ece087c2f60 (patch)
tree89196ce894909c3d47ec7f60cc912f501a65c0e8
parent348f8a3da9b5ee0701e10c811d5594cb1c98bad7 (diff)
downloadcurl-324bf2fd369232a134de44837d121ece087c2f60.tar.gz
insecure.d: clarify that this is for server connections
Assisted-by: Ray Satiro Bug: https://curl.haxx.se/mail/lib-2017-03/0002.html
-rw-r--r--docs/cmdline-opts/insecure.d14
1 files changed, 9 insertions, 5 deletions
diff --git a/docs/cmdline-opts/insecure.d b/docs/cmdline-opts/insecure.d
index 1dd0fa8c0..49b0a4322 100644
--- a/docs/cmdline-opts/insecure.d
+++ b/docs/cmdline-opts/insecure.d
@@ -1,12 +1,16 @@
Long: insecure
Short: k
-Help: Allow insecure connections when using SSL
+Help: Allow insecure server connections when using SSL
Protocols: TLS
+See-also: proxy-insecure cacert
---
-This option explicitly allows curl to perform "insecure" SSL connections and
-transfers. All SSL connections are attempted to be made secure by using the CA
-certificate bundle installed by default. This makes all connections considered
-\&"insecure" fail unless --insecure is used.
+
+By default, every SSL connection curl makes is verified to be secure. This
+option allows curl to proceed and operate even for server connections
+otherwise considered insecure.
+
+The server connection is verified by making sure the server's certificate
+contains the right name and verifies successfully using the cert store.
See this online resource for further details:
https://curl.haxx.se/docs/sslcerts.html