Topics
All
MacOS
(Only)
Windows
(Only)
Linux
(Only, Not)
iOS
(Only, Not)
Components
Crossplatform Mac & Win
Server
Client
Old
Deprecated
Guides
Examples
Videos
New in version:
12.1
12.2
12.3
12.4
12.5
13.0
13.1
13.2
13.3
13.4
Statistic
FMM
Blog
CURL.SetOptionSSLVerifyHost
Sets whether to verify host.
Component |
Version |
macOS |
Windows |
Linux |
Server |
iOS SDK |
CURL
|
2.5 |
✅ Yes |
✅ Yes |
✅ Yes |
✅ Yes |
✅ Yes |
MBS( "CURL.SetOptionSSLVerifyHost"; curl; Value )
More
MBS(
"CURL.SetOptionSSLVerifyHost"; /* Sets whether to verify host. */
$curl; /* The CURL session handle. */
$Value) /* Whether to verify host.
Pass 0 to not verify, 1 for limited check and 2 for full check.e.g. 2 */
Less
Parameters
Parameter |
Description |
Example |
curl |
The CURL session handle. |
$curl |
Value |
Whether to verify host.
Pass 0 to not verify, 1 for limited check and 2 for full check. |
2 |
Result
Returns "OK" on success.
Description
Sets whether to verify host.
This option determines whether libcurl verifies that the server cert is for the server it is known as.
When negotiating a SSL connection, the server sends a certificate indicating its identity.
When value is 2, that certificate must indicate that the server is the server to which you meant to connect, or the connection fails.
Curl considers the server the intended one when the Common Name field or a Subject Alternate Name field in the certificate matches the host name in the URL to which you told Curl to connect.
When the value is 1, the certificate must contain a Common Name field, but it doesn't matter what name it says. (This is not ordinarily a useful setting).
When the value is 0, the connection succeeds regardless of the names in the certificate.
The default, since 7.10, is 2.
This option controls checking the server's claimed identity. The server could be lying. To control lying, see CURL SetOptionSSLVerifyPeer.
see also
http://www.mbsplugins.de/archive/2013-01-31/SSL_Security_with_CURL/monkeybreadsoftware_blog_archive
When you don't set the options for certificate path or load system certificates, the MBS Plugin will disable the verify step to let the transfer run.
See also SSL_VERIFYHOST option in CURL manual.
Examples
Disable SSL Verification:
MBS( "CURL.SetOptionSSLVerifyPeer"; $curl; 0 )
MBS( "CURL.SetOptionSSLVerifyHost"; $curl; 0 )
Enables verification and uses cacert.pem file for certificates:
MBS( "CURL.SetOptionCAInfo"; $curl; $cacertPath )
MBS( "CURL.SetOptionSSLVerifyHost"; $curl; 2 )
MBS( "CURL.SetOptionSSLVerifyPeer"; $curl; 1 )
See also
Example Databases
Blog Entries
Created 18th August 2014, last changed 22nd July 2021
CURL.SetOptionSSLSessionIDCache
-
CURL.SetOptionSSLVerifyPeer