Commits
Travis Cross committed b2f59dd2003
Add warning when using HTTPS with mod_curl mod_curl currently does not verify the authenticity of the peer's certificate, and does not verify whether the common name on the certificate matches the server. This makes mod_curl initiated TLS connections completely insecure. We should fix this, but until we do, we'll warn people that it's not doing what they may think it is. ref: http://curl.haxx.se/libcurl/c/CURLOPT_SSL_VERIFYPEER.html ref: http://curl.haxx.se/libcurl/c/CURLOPT_SSL_VERIFYHOST.html