On Tue, Mar 29, 2022 at 9:52 AM 'Michael Day' via General <[email protected]> wrote: > And yet this works on this laptop running Windows 11: > > #qqq =. gethttp 'https://code2.jsoftware.com/' > 715 > qqq > curl performs SSL certificate verification by default, using a "bundle" > of Certificate Authority (CA) public keys (CA certs). If the default > bundle file isn't adequate, you can specify an alternate file > using the --cacert option. > If this HTTPS server uses a certificate signed by a CA represented in > the bundle, the certificate verification probably failed due to a > problem with the certificate (it might be expired, or the name might > not match the domain name in the URL). > If you'd like to turn off curl's verification of the certificate, use > the -k (or --insecure) option.
That's the problem I was trying to report. This next paragraph is from memory, so you might want to back up the ca-bundle.crt file, just in case. If you download https://curl.se/ca/cacert.pem and save it as ~addons/web/gethttp/ca-bundle.crt, gethttp'code2.jsoftware.com' will return the html content of the page instead of curl's warning about a certificate error. And, since that ca-bundle.crt is distributed as a part of web/gethttp, this means that that addon needs to be updated. I guess I should put together a pull request with that update. (Though what I really would like to do is deploy the automated download mechanism documented at https://curl.se/docs/caextract.html in a fashion which auto-deploys the addon, perhaps with a manual test and review stage.) (Actually, while composing this email, stopped for a few minutes and went ahead and submitted that pull request.) Thanks, -- Raul ---------------------------------------------------------------------- For information about J forums see http://www.jsoftware.com/forums.htm
