1--- 2c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. 3SPDX-License-Identifier: curl 4Long: ca-native 5Help: Load CA certs from the OS 6Protocols: TLS 7Category: tls 8Added: 8.2.0 9Multi: boolean 10See-also: 11 - cacert 12 - capath 13 - dump-ca-embed 14 - insecure 15Example: 16 - --ca-native $URL 17--- 18 19# `--ca-native` 20 21Use the CA store from the native operating system to verify the peer. By 22default, curl otherwise uses a CA store provided in a single file or 23directory, but when using this option it interfaces the operating system's own 24vault. 25 26This option works for curl on Windows when built to use OpenSSL, wolfSSL 27(added in 8.3.0) or GnuTLS (added in 8.5.0). When curl on Windows is built to 28use Schannel, this feature is implied and curl then only uses the native CA 29store. 30
