From 8d7e3fb8ca934a5ea7f830468b39573683d5c1d9 Mon Sep 17 00:00:00 2001
From: Kaushik Iska <iska.kaushik@gmail.com>
Date: Thu, 16 Oct 2025 17:37:30 -0500
Subject: [PATCH] Changed default: enable SSL certificate verification by
 default

Changed verify_ssl_cert default from false to true to protect against
man-in-the-middle attacks. Users can still explicitly disable if needed
for testing with self-signed certificates.

Fixes #8
---
 src/http/http_request_handler.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/http/http_request_handler.h b/src/http/http_request_handler.h
index 0093e6b..2c74b38 100644
--- a/src/http/http_request_handler.h
+++ b/src/http/http_request_handler.h
@@ -19,7 +19,7 @@ struct HttpConfig {
   bool use_ssl = true;
   int connection_timeout_sec = 30;
   int read_timeout_sec = 120;
-  bool verify_ssl_cert = false;
+  bool verify_ssl_cert = true;
 
   // Retry configuration
   retry::RetryConfig retry_config;