<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class=""><br class=""><div><blockquote type="cite" class=""><div class="">On Oct 13, 2021, at 3:45 PM, Randall Meyer <<a href="mailto:rrm@apple.com" class="">rrm@apple.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><span style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none; float: none; display: inline !important;" class="">We could add a “—insecure/-k” switch as a feature enhancement to the CLI.</span><br style="caret-color: rgb(0, 0, 0); font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; text-decoration: none;" class=""></div></blockquote></div><br class=""><div class="">Or maybe just ignore the certificate. More options is worse, if you have to implement/explain/justify them. </div><div class=""><br class=""></div><div class="">In the context of an RPM test, where there would be (max) dozens of SSL calculations per second, I suspect that the difference between a self-signed certificate and a "real one" would be negligible.</div><div class=""><br class=""></div><div class="">Thanks.</div><div class=""><br class=""></div><div class="">Rich</div></body></html>