What does it mean to accept all SSL certificates?


I have a general understanding of SSL and how it works but I have seen multiple applications that have checkboxes that say something like "Accept all SSL Certificates" and I am having trouble understanding what exactly this means. Does it have to do with whether it queries the CA to ask if it is authentic?

I ask because I am currently encountering an issue logging into an internal system that works when I check the box but doesn't work and I would like to understand the technical aspects behind what is happening.


Answers:


Yes, it means that it will accept all (as in, regardless of issuer) SSL certificates, even if they are from an untrusted Certificate Authority. You could use this if you didn't care who your messages were going to but wanted them secure. I'm not really sure how that could be useful, unless you have another way to verify the certificate, but still...
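
As an added illustration (not part of the answer above, and not code from any of the applications mentioned): in Python's standard `ssl` module, a client that "accepts all certificates" is one with two separate checks switched off. Treating the checkbox as equivalent to these settings is an assumption, and `strict_context`, `accept_all_context`, `audit` and `wrong_order_is_rejected` are names made up for this example.

```python
import ssl


def strict_context():
    """Default client context: chain validation and hostname matching are on."""
    return ssl.create_default_context()


def accept_all_context():
    """Assumed equivalent of an 'accept all SSL certificates' checkbox."""
    ctx = ssl.create_default_context()
    # Order matters: hostname checking has to be disabled first (see below).
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def audit(ctx):
    """Return the certificate checks this context skips during a handshake."""
    skipped = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        skipped.append("chain validation: any issuer is accepted, "
                       "including self-signed and unknown CAs")
    if not ctx.check_hostname:
        skipped.append("hostname matching: a certificate issued for "
                       "a different name is accepted")
    return skipped


def wrong_order_is_rejected():
    """The ssl module refuses CERT_NONE while hostname checking is still on."""
    ctx = ssl.create_default_context()
    try:
        ctx.verify_mode = ssl.CERT_NONE
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    contexts = (("strict", strict_context()),
                ("accept-all", accept_all_context()))
    for name, ctx in contexts:
        print(name, "->", audit(ctx) or "all checks enforced")
    print("CERT_NONE before check_hostname=False rejected:",
          wrong_order_is_rejected())
```

With both checks off the connection is still encrypted, but the client has no assurance about which server holds the other end. For an internal system signed by a private CA, passing that CA's certificate through the `cafile=` argument of `ssl.create_default_context` keeps both checks on.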