2024-03-15 20:55:33 -06:00
|
|
|
.\" generated by cd2nroff 0.1 from CURLOPT_PROXY_CAINFO.md
|
2024-08-02 19:52:59 -06:00
|
|
|
.TH CURLOPT_PROXY_CAINFO 3 "2024-08-02" libcurl
|
2024-03-15 20:55:33 -06:00
|
|
|
.SH NAME
|
|
|
|
CURLOPT_PROXY_CAINFO \- path to proxy Certificate Authority (CA) bundle
|
|
|
|
.SH SYNOPSIS
|
|
|
|
.nf
|
|
|
|
#include <curl/curl.h>
|
|
|
|
|
|
|
|
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_CAINFO, char *path);
|
|
|
|
.fi
|
|
|
|
.SH DESCRIPTION
|
|
|
|
This option is for connecting to an HTTPS proxy, not an HTTPS server.
|
|
|
|
|
|
|
|
Pass a char pointer to a null\-terminated string naming a file holding one or
|
|
|
|
more certificates to verify the HTTPS proxy with.
|
|
|
|
|
|
|
|
If \fICURLOPT_PROXY_SSL_VERIFYPEER(3)\fP is zero and you avoid verifying the
|
|
|
|
server\(aqs certificate, \fICURLOPT_PROXY_CAINFO(3)\fP need not even indicate an
|
|
|
|
accessible file.
|
|
|
|
|
|
|
|
This option is by default set to the system path where libcurl\(aqs CA
|
|
|
|
certificate bundle is assumed to be stored, as established at build time.
|
|
|
|
|
|
|
|
(iOS and macOS only) If curl is built against Secure Transport, then this
|
|
|
|
option is supported for backward compatibility with other SSL engines, but it
|
|
|
|
should not be set. If the option is not set, then curl uses the certificates
|
|
|
|
in the system and user Keychain to verify the peer, which is the preferred
|
|
|
|
method of verifying the peer\(aqs certificate chain.
|
|
|
|
|
|
|
|
The application does not have to keep the string around after setting this
|
|
|
|
option.
|
|
|
|
|
|
|
|
The default value for this can be figured out with \fICURLINFO_CAINFO(3)\fP.
|
|
|
|
.SH DEFAULT
|
|
|
|
Built\-in system specific
|
|
|
|
.SH PROTOCOLS
|
2024-07-29 18:00:04 -06:00
|
|
|
This functionality affects all TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
|
2024-03-30 12:28:04 -06:00
|
|
|
|
|
|
|
All TLS backends support this option.
|
2024-03-15 20:55:33 -06:00
|
|
|
.SH EXAMPLE
|
|
|
|
.nf
|
|
|
|
int main(void)
|
|
|
|
{
|
|
|
|
CURL *curl = curl_easy_init();
|
|
|
|
if(curl) {
|
|
|
|
CURLcode res;
|
|
|
|
curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
|
|
|
|
/* using an HTTPS proxy */
|
|
|
|
curl_easy_setopt(curl, CURLOPT_PROXY, "https://localhost:443");
|
|
|
|
curl_easy_setopt(curl, CURLOPT_PROXY_CAINFO, "/etc/certs/cabundle.pem");
|
|
|
|
res = curl_easy_perform(curl);
|
|
|
|
curl_easy_cleanup(curl);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
.fi
|
2024-07-29 18:00:04 -06:00
|
|
|
.SH NOTES
|
2024-03-15 20:55:33 -06:00
|
|
|
For TLS backends that do not support certificate files, the
|
|
|
|
\fICURLOPT_PROXY_CAINFO(3)\fP option is ignored. Refer to
|
|
|
|
https://curl.se/docs/ssl\-compared.html
|
2024-07-29 18:00:04 -06:00
|
|
|
.SH AVAILABILITY
|
|
|
|
Added in curl 7.52.0
|
2024-03-15 20:55:33 -06:00
|
|
|
.SH RETURN VALUE
|
|
|
|
Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
|
|
|
|
CURLE_OUT_OF_MEMORY if there was insufficient heap space.
|
|
|
|
.SH SEE ALSO
|
|
|
|
.BR CURLOPT_CAINFO (3),
|
|
|
|
.BR CURLOPT_CAINFO_BLOB (3),
|
|
|
|
.BR CURLOPT_CAPATH (3),
|
|
|
|
.BR CURLOPT_PROXY_CAINFO_BLOB (3),
|
|
|
|
.BR CURLOPT_PROXY_CAPATH (3),
|
|
|
|
.BR CURLOPT_PROXY_SSL_VERIFYHOST (3),
|
|
|
|
.BR CURLOPT_PROXY_SSL_VERIFYPEER (3),
|
|
|
|
.BR CURLOPT_SSL_VERIFYHOST (3),
|
|
|
|
.BR CURLOPT_SSL_VERIFYPEER (3)
|