url GET https requests --> "walking" thru certificate issues
Sivakatirswami
katir at hindu.org
Tue Jan 10 15:59:54 EST 2006
OK, will test, but if I read this correctly, then my app has to
download-write the cert to each remote-user-machine that needs
access. This means one is distributing one's certificate "out into
the wild" x number of copies of the cert are on x number of hard
drive out there somewhere: does this not represent an enormous
security hole?
On Jan 10, 2006, at 1:34 AM, David Bovill wrote:
> Sounds to me like you need to download and install a certificate
> and then use this certificate in Rev - the process you describe is
> what the browser does to install this certificate - so one way or
> another you need to get Rev to point to this certificate on the
> local machine - see the recent post from Dar regarding my question
>
> On 10 Jan 2006, at 08:47, Dave Cragg wrote:
>
>
>>
>> On 10 Jan 2006, at 01:59, Sivakatirswami wrote:
>>
>>
>>>
>>> Does anyone know a way to get libURL to "walk thru" these server
>>> responses, just like a user would in a browser?
>>>
>>>
>>
>> Did you try this?
>>
>> libUrlSetSSLVerification false
>>
>> It won't let you "walk thru", but may let you skip them altogether.
>>
>
> I think this won't work for you - as this is just for using htpps
> without certificates - and you need to install one just as the
> process of dialogues you describe does for the browser - is this
> right Dar? Here is the relevant post from Dar which I quote - you
> would not be using a CAcert certificate, but the right one from
> your own server - don't ask me yet how to do this - but whoever
> sets up your server side SSL certificates "may" understand what you
> are talking about :)
>
>
>> From the following url
>>
>> https://www.cacert.org/index.php?id=3
>>
>> download the Class 1 (PEM format) Root Certificate. (This will be
>> a file named "root.crt")
>>
>> Then set the sslCertificates to this file:
>>
>> set the sslCertificates to "/whatever/root.crt"
>>
>> Then to test, try to connect to ths test url: https://
>> www.cacert.org/
>>
>> put url "https://www.cacert.org/" into tData
>> if the result is not empty then
>> answer the result
>> else
>> answer "seem to be working"
>> end if
>>
>> There should be no need to use libUrlSetSSLVerification. It is
>> true by default, but if you have previously set it to false, then
>> you should reset it to true. It certainly won't harm to
>> specifically set it to true.
>>
>>
> _______________________________________________
> use-revolution mailing list
> use-revolution at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your
> subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-revolution
>
More information about the use-livecode
mailing list