projects / platform / upstream / curl.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Update to 7.40.1
[platform/upstream/curl.git] / docs / libcurl / opts / CURLOPT_SSL_VERIFYPEER.3
diff --git a/docs/libcurl/opts/CURLOPT_SSL_VERIFYPEER.3 b/docs/libcurl/opts/CURLOPT_SSL_VERIFYPEER.3
index ec158cc..f2bad74 100644 (file)
--- a/docs/libcurl/opts/CURLOPT_SSL_VERIFYPEER.3
+++ b/docs/libcurl/opts/CURLOPT_SSL_VERIFYPEER.3
@@ -51,6 +51,12 @@ typically also want to ensure that the server is the server you mean to be
 talking to.  Use \fICURLOPT_SSL_VERIFYHOST(3)\fP for that. The check that the
 host name in the certificate is valid for the host name you're connecting to
 is done independently of the \fICURLOPT_SSL_VERIFYPEER(3)\fP option.
+
+WARNING: disabling verification of the certificate allows bad guys to
+man-in-the-middle the communication without you knowing it. Disabling
+verification makes the communication insecure. Just having encryption on a
+transfer is not enough as you cannot be sure that you are communicating with
+the correct end-point.
 .SH DEFAULT
 By default, curl assumes a value of 1.
 .SH PROTOCOLS
Domain: Network & Connectivity / Data Network;