diff options
author | Daniel Stenberg <daniel@haxx.se> | 2021-11-15 15:07:01 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2021-11-15 15:07:01 +0100 |
commit | d9a18a677427f84bf3c2162cb7b60f5c84d8d49a (patch) | |
tree | d92f5c7e2a6466d987af8008e8e8274ddbe72aa3 | |
parent | 3bf54f90f3875062c0aa984cb90ddd35565d01cd (diff) | |
download | curl-bagder/insecure-expand.tar.gz |
insecure.d: expand and clarifybagder/insecure-expand
-rw-r--r-- | docs/cmdline-opts/insecure.d | 16 |
1 files changed, 9 insertions, 7 deletions
diff --git a/docs/cmdline-opts/insecure.d b/docs/cmdline-opts/insecure.d index 5f39a339b..0fd09cfa2 100644 --- a/docs/cmdline-opts/insecure.d +++ b/docs/cmdline-opts/insecure.d @@ -2,19 +2,21 @@ Long: insecure Short: k Help: Allow insecure server connections when using SSL Protocols: TLS -See-also: proxy-insecure cacert +See-also: proxy-insecure cacert capath Category: tls Example: --insecure $URL Added: 7.10 --- -By default, every SSL connection curl makes is verified to be secure. This -option allows curl to proceed and operate even for server connections -otherwise considered insecure. +By default, every SSL/TLS connection curl makes is verified to be secure +before the transfer takes place. This option makes curl skip the verification +step and proceed without checking. -The server connection is verified by making sure the server's certificate -contains the right name and verifies successfully using the cert store. +When this option is not used, curl verifies the server's TLS certificate +before it continues: that the certificate contains the right name which +matches the host name used in the URL and that the certificate has been signed +by a CA certificate present in the cert store. See this online resource for further details: https://curl.se/docs/sslcerts.html -**WARNING**: this makes the transfer insecure. +**WARNING**: using this option makes the transfer insecure. |