| Components | All | New | MacOS | Windows | Linux | iOS | ||||
| Examples | Mac & Win | Server | Client | Guides | Statistic | FMM | Blog | Deprecated | Old | |
CURL.SetOptionSSLVerifyPeer
Whether to verify the peer.
| Component | Version | macOS | Windows | Linux | Server | iOS SDK |
| CURL | 2.5 | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes | ✅ Yes |
MBS( "CURL.SetOptionSSLVerifyPeer"; curl; Value ) More
Parameters
| Parameter | Description | Example |
|---|---|---|
| curl | The CURL session handle. | $curl |
| Value | Whether to verify peer. | 1 |
Result
Returns "OK" on success.
Description
Whether to verify the peer.Pass a number as parameter. By default, curl assumes a value of 1.
This option determines whether curl verifies the authenticity of the peer's certificate. A value of 1 means curl verifies; 0 (zero) means it doesn't.
When negotiating an SSL connection, the server sends a certificate indicating its identity. Curl verifies whether the certificate is authentic, i.e. that you can trust that the server is who the certificate says it is. This trust is based on a chain of digital signatures, rooted in certification authority (CA) certificates you supply. curl uses a default bundle of CA certificates (the path for that is determined at build time) and you can specify alternate certificates with the CURL.SetOptionCAInfo option or the CURL.SetOptionCAPATH option.
When CURL.SetOptionSSLVerifyPeer is nonzero, and the verification fails to prove that the certificate is authentic, the connection fails. When the option is zero, the peer certificate verification succeeds regardless.
Authenticating the certificate is not by itself very useful. You typically want to ensure that the server, as authentically identified by its certificate, is the server you mean to be talking to. Use CURL.SetOptionSSLVerifyHost to control that. The check that the host name in the certificate is valid for the host name you're connecting to is done independently of the CURL.SetOptionSSLVerifyPeer option.
see also
http://www.mbsplugins.de/archive/2013-01-31/SSL_Security_with_CURL/monkeybreadsoftware_blog_archive
When you don't set the options for certificate path or load system certificates, the MBS Plugin will disable the verify step to let the transfer run.
See also SSL_VERIFYPEER option in CURL manual.
Examples
Disable SSL Verification:
MBS( "CURL.SetOptionSSLVerifyPeer"; $curl; 0 )
MBS( "CURL.SetOptionSSLVerifyHost"; $curl; 0 )
Enables verification and uses cacert.pem file for certificates:
MBS( "CURL.SetOptionCAInfo"; $curl; $cacertPath )
MBS( "CURL.SetOptionSSLVerifyHost"; $curl; 2 )
MBS( "CURL.SetOptionSSLVerifyPeer"; $curl; 1 )
See also
- CURL.SetOptionIssuerCert
- CURL.SetOptionIssuerCertBlob
- CURL.SetOptionPostFields
- CURL.SetOptionSSLCert
- CURL.SetOptionSSLCertType
- CURL.SetOptionSSLKey
- CURL.SetOptionSSLKeyType
- CURL.SetOptionSSLVerifyStatus
- CURL.SetOptionSSLVersion
- CURL.UseSystemCertificates
Example Databases
- CURL/CURL Download Picture to file
- CURL/CURL Send Form
- CURL/Email/Build and send HTML Email with inline graphics
- CURL/Email/IMAP Email Upload
- CURL/Email/Office 365 oAuth SMTP
- CURL/WebServices/AdobeSign WebService
- CURL/WebServices/Magento2 REST API
- CURL/WebServices/Twilio API Send SMS Json
- CURL/WebServices/Twitter oAuth
- Third Party/Google OAUTH 2 example
Blog Entries
- Sending email with a huge custom function
- GMail for emails with MBS Plugin
- Email Script for FileMaker
- Upload email to Sent folder via IMAP
- Sending emails in FileMaker with MBS Plugin
- MBS Filemaker Plugin, version 4.5pr1
- Sending Email with FileMaker via MBS Plugin
- Translate PHP script with CURL to FileMaker Script
- CURL from command line to Plugin
FileMaker Magazin
Created 18th August 2014, last changed 15th November 2019
