Components All New MacOS Windows Linux iOS
Examples Mac & Win Server Client Guides Statistic FMM Blog Deprecated Old

CURL.SetOptionSSLVerifyHost

Sets whether to verify host.

Component Version macOS Windows Linux Server iOS SDK
CURL 2.5 ✅ Yes ✅ Yes ✅ Yes ✅ Yes ✅ Yes
MBS( "CURL.SetOptionSSLVerifyHost"; curl; Value )   More

Parameters

Parameter Description Example
curl The CURL session handle. $curl
Value Whether to verify host.
Pass 0 to not verify, 1 for limited check and 2 for full check.
2

Result

Returns "OK" on success.

Description

Sets whether to verify host.
This option determines whether libcurl verifies that the server cert is for the server it is known as.

When negotiating a SSL connection, the server sends a certificate indicating its identity.

When value is 2, that certificate must indicate that the server is the server to which you meant to connect, or the connection fails.

Curl considers the server the intended one when the Common Name field or a Subject Alternate Name field in the certificate matches the host name in the URL to which you told Curl to connect.

When the value is 1, the certificate must contain a Common Name field, but it doesn't matter what name it says. (This is not ordinarily a useful setting).

When the value is 0, the connection succeeds regardless of the names in the certificate.

The default, since 7.10, is 2.

This option controls checking the server's claimed identity. The server could be lying. To control lying, see CURL SetOptionSSLVerifyPeer.

see also
http://www.mbsplugins.de/archive/2013-01-31/SSL_Security_with_CURL/monkeybreadsoftware_blog_archive

When you don't set the options for certificate path or load system certificates, the MBS Plugin will disable the verify step to let the transfer run.

See also SSL_VERIFYHOST option in CURL manual.

Examples

Disable SSL Verification:

MBS( "CURL.SetOptionSSLVerifyPeer"; $curl; 0 )
MBS( "CURL.SetOptionSSLVerifyHost"; $curl; 0 )

Enables verification and uses cacert.pem file for certificates:

MBS( "CURL.SetOptionCAInfo"; $curl; $cacertPath )
MBS( "CURL.SetOptionSSLVerifyHost"; $curl; 2 )
MBS( "CURL.SetOptionSSLVerifyPeer"; $curl; 1 )

See also

Example Databases

Blog Entries

Created 18th August 2014, last changed 22nd July 2021


CURL.SetOptionSSLSessionIDCache - CURL.SetOptionSSLVerifyPeer