libURLsetVerification

[Dave Cragg]

Jacques,

Does you application do anything that might reset local variables in libUrl. For example, using resetAll or libUrlResetAll. In that case, if libURLSetSSLVerification is not set again, I think subsequent secure sockets will have verification set to true.

Cheers
Dave


On 6 Nov 2014, at 21:18, J. Landman Gay <jacque at hyperactivesw.com> wrote:

> My client has just received a report from a user who got an error about a self-signed certificate in the certificate chain at depth 3. This is the first one of these we've seen out of hundreds of users operating the app almost daily over the last several months.
> 
> The app has libURLSetVerification set to false and shouldn't be enforcing any validation. So, some questions:
> 
> 1. The app was compiled with LC 6.6.4. Is anyone aware of any libURL issues with that version?
> 
> 2. The error occured after a POST to a server and the POST did not complete. Would the error be due to the server trying to validate, or from my app? The server has a valid signed cert.
> 
> 3. Is it possible for a one-off error like this to occur for any other reason? Could a depth 3 error be from a cert on the user's computer? They're running Windows, if it matters.
> 
> -- 
> Jacqueline Landman Gay         |     jacque at hyperactivesw.com
> HyperActive Software           |     http://www.hyperactivesw.com
> 
> _______________________________________________
> use-livecode mailing list
> use-livecode at lists.runrev.com
> Please visit this url to subscribe, unsubscribe and manage your subscription preferences:
> http://lists.runrev.com/mailman/listinfo/use-livecode