URLConnection -- Insecure SSL

Is there any chance the an insecure option could be added to the new URLConnection class?

I am working with an API on a server that is local that unfortunately has an expired SLL cert. I know that this server is secure, but the overhead of getting our company to update the certificate for this use would take a lot of work.

Could an option be added to the URLConnection class that mirrors the -k flag?

This option explicitly allows curl to perform “insecure” SSL connections
and transfers. All SSL connections are attempted in secure mode using the
CA certificate bundle installed by default. This makes all connections
considered “insecure” fail unless -k, --insecure is used.(SSL)[/quote]

I can shell out to CURL as a workaround, but I would love to be able to use the new class.


You can do this now by setting http://documentation.xojo.com/api/networking/urlconnection.html#urlconnection-allowcertificatevalidation to false.

Thanks so much Wayne!