Post command help
J. Landman Gay
jacque at hyperactivesw.com
Mon Jun 24 14:25:44 EDT 2013
Thanks Mark, that's exactly what I needed to know. This stuff is out of
my league.
On 6/24/13 11:03 AM, Mark Wilcox wrote:
>
>
>>> Another suggestion would be setting the property
>>> libUrlSetSSLVerification to false as this may also resolve the
>>> issue..
>
>> Another question: does setting libUrlSetSSLVerification to false
>> mean security is turned off completely, or only that the
>> certificate isn't checked?
>
> Not doing SSL Certificate Verification means that the certificate
> isn't checked, the content is still sent encrypted. Whether this
> matters depends on the setup - if you control both the client and
> server ends then it's not such a big deal, although technically it
> does leave you vulnerable to man-in-the-middle attacks. You still
> have the option of bundling a collection of root certificates with
> your app (and you can find up to date collections online freely) but
> that will mean the certificates will not be updated unless your app
> is, so overtime they will go out of date. If you're only connecting
> to your own server that's not much of a problem either - you need to
> give everyone an update of the app when a certificate in your one
> certificate chain expires but that's all. Keeping a general set of
> certificates for the open web up to date is another matter entirely.
>
> Mark _______________________________________________ use-livecode
> mailing list use-livecode at lists.runrev.com Please visit this url to
> subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode
>
--
Jacqueline Landman Gay | jacque at hyperactivesw.com
HyperActive Software | http://www.hyperactivesw.com
More information about the use-livecode
mailing list