Login or Register to Ask a Question and Join Our Community

Linux and UNIX Man Pages

Linux & Unix Commands - Search Man Pages

curlopt_capath(3) [mojave man page]

CURLOPT_CAPATH(3)					     curl_easy_setopt options						 CURLOPT_CAPATH(3)

NAME

       CURLOPT_CAPATH - specify directory holding CA certificates

SYNOPSIS

       #include <curl/curl.h>

       CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CAPATH, char *capath);

DESCRIPTION

       Pass  a char * to a zero terminated string naming a directory holding multiple CA certificates to verify the peer with. If libcurl is built
       against OpenSSL, the certificate directory must be prepared using the openssl c_rehash utility.	This makes sense only when used in  combi-
       nation with the CURLOPT_SSL_VERIFYPEER(3) option.

       The CURLOPT_CAPATH(3) function apparently does not work in Windows due to some limitation in openssl.

       The application does not have to keep the string around after setting this option.

DEFAULT

       NULL

PROTOCOLS

       All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.

EXAMPLE

       TODO

AVAILABILITY

       This option is supported by the OpenSSL, GnuTLS and PolarSSL backends. The NSS backend provides the option only for backward compatibility.

RETURN VALUE

       CURLE_OK if supported; or an error such as:

       CURLE_NOT_BUILT_IN - Not supported by the SSL backend

       CURLE_UNKNOWN_OPTION

       CURLE_OUT_OF_MEMORY

SEE ALSO

       CURLOPT_CAINFO(3), CURLOPT_STDERR(3), CURLOPT_DEBUGFUNCTION(3),

libcurl 7.54.0							 February 21, 2017						 CURLOPT_CAPATH(3)

Check Out this Related Man Page

CURLOPT_PROXY_CAINFO(3) 				     curl_easy_setopt options					   CURLOPT_PROXY_CAINFO(3)

NAME

       CURLOPT_PROXY_CAINFO - path to proxy Certificate Authority (CA) bundle

SYNOPSIS

       #include <curl/curl.h>

       CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_CAINFO, char *path);

DESCRIPTION

       This option is for connecting to a HTTPS proxy, not a HTTPS server.

       Pass a char * to a zero terminated string naming a file holding one or more certificates to verify the HTTPS proxy with.

       If CURLOPT_PROXY_SSL_VERIFYPEER(3) is zero and you avoid verifying the server's certificate, CURLOPT_PROXY_CAINFO(3) need not even indicate
       an accessible file.

       This option is by default set to the system path where libcurl's cacert bundle is assumed to be stored, as established at build time.

       If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module (libnsspem.so) needs to be available for this option to work prop-
       erly.

       (iOS  and  macOS  only)	If curl is built against Secure Transport, then this option is supported for backward compatibility with other SSL
       engines, but it should not be set. If the option is not set, then curl will use the certificates in the system and user Keychain to  verify
       the peer, which is the preferred method of verifying the peer's certificate chain.

       The application does not have to keep the string around after setting this option.

DEFAULT

       Built-in system specific

PROTOCOLS

       Used with HTTPS proxy

EXAMPLE

       TODO

AVAILABILITY

       Added in 7.52.0

       For    TLS   backends   that   don't   support	certificate   files,   the   CURLOPT_PROXY_CAINFO(3)   option	is   ignored.	Refer	to
       https://curl.haxx.se/docs/ssl-compared.html

RETURN VALUE

       Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space.

SEE ALSO

       CURLOPT_PROXY_CAPATH(3), CURLOPT_PROXY_SSL_VERIFYPEER(3),  CURLOPT_PROXY_SSL_VERIFYHOST(3),  CURLOPT_CAPATH(3),	CURLOPT_SSL_VERIFYPEER(3),
       CURLOPT_SSL_VERIFYHOST(3),

libcurl 7.54.0							 December 21, 2016					   CURLOPT_PROXY_CAINFO(3)
Man Page