Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
CURLOPT_CAINFO(3)	   Library Functions Manual	     CURLOPT_CAINFO(3)

NAME
       CURLOPT_CAINFO -	path to	Certificate Authority (CA) bundle

SYNOPSIS
       #include	<curl/curl.h>

       CURLcode	curl_easy_setopt(CURL *handle, CURLOPT_CAINFO, char *path);

DESCRIPTION
       Pass  a	char pointer to	a null-terminated string naming	a file holding
       one or more certificates	to verify the peer with.

       If CURLOPT_SSL_VERIFYPEER(3)  is	 zero  and  you	 avoid	verifying  the
       server's	 certificate,  CURLOPT_CAINFO(3) need not even indicate	an ac-
       cessible	file.

       This option is by default set to	the system  path  where	 libcurl's  CA
       certificate  bundle  is	assumed	 to be stored, as established at build
       time.

       (iOS and	macOS) When curl uses Secure Transport	this  option  is  sup-
       ported.	If  the	 option	is not set, then curl uses the certificates in
       the system and user Keychain to verify the peer.

       (Schannel) This option is supported for Schannel	in Windows 7 or	 later
       but  we	recommend  not	using it until Windows 8 since it works	better
       starting	then.  If the option is	not set, then curl uses	 the  certifi-
       cates  in  the  Windows'	 store	of  root certificates (the default for
       Schannel).

       The application does not	have to	keep the string	around	after  setting
       this option.

       Using this option multiple times	makes the last set string override the
       previous	ones. Set it to	NULL to	disable	its use	again.

       The default value for this can be figured out with CURLINFO_CAINFO(3).

DEFAULT
       Built-in	 system	 specific. When	curl is	built with Secure Transport or
       Schannel, this option is	not set	by default.

PROTOCOLS
       This functionality affects all TLS based	protocols: HTTPS, FTPS,	IMAPS,
       POP3S, SMTPS etc.

       All TLS backends	support	this option.

EXAMPLE
       int main(void)
       {
	 CURL *curl = curl_easy_init();
	 if(curl) {
	   curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
	   curl_easy_setopt(curl, CURLOPT_CAINFO, "/etc/certs/cabundle.pem");
	   curl_easy_perform(curl);
	   curl_easy_cleanup(curl);
	 }
       }

HISTORY
       Schannel	support	added in libcurl 7.60.

AVAILABILITY
       Added in	curl 7.4.2

RETURN VALUE
       curl_easy_setopt(3) returns a CURLcode indicating success or error.

       CURLE_OK	(0) means everything was OK, non-zero means an error occurred,
       see libcurl-errors(3).

SEE ALSO
       CURLINFO_CAINFO(3),  CURLOPT_CAINFO_BLOB(3),  CURLOPT_CAPATH(3),	  CUR-
       LOPT_CA_CACHE_TIMEOUT(3),  CURLOPT_SSL_VERIFYHOST(3), CURLOPT_SSL_VERI-
       FYPEER(3)

libcurl				  2025-06-03		     CURLOPT_CAINFO(3)

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=CURLOPT_CAINFO&sektion=3&manpath=FreeBSD+Ports+14.3.quarterly>

home | help