1--- 2c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. 3SPDX-License-Identifier: curl 4Title: CURLOPT_CAPATH 5Section: 3 6Source: libcurl 7See-also: 8 - CURLINFO_CAPATH (3) 9 - CURLOPT_CAINFO (3) 10 - CURLOPT_DEBUGFUNCTION (3) 11 - CURLOPT_STDERR (3) 12Protocol: 13 - TLS 14TLS-backend: 15 - OpenSSL 16 - GnuTLS 17 - mbedTLS 18 - wolfSSL 19Added-in: 7.9.8 20--- 21 22# NAME 23 24CURLOPT_CAPATH - directory holding CA certificates 25 26# SYNOPSIS 27 28~~~c 29#include <curl/curl.h> 30 31CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CAPATH, char *capath); 32~~~ 33 34# DESCRIPTION 35 36Pass a char pointer to a null-terminated string naming a directory holding 37multiple CA certificates to verify the peer with. If libcurl is built against 38OpenSSL, the certificate directory must be prepared using the OpenSSL c_rehash 39utility. This makes sense only when used in combination with the 40CURLOPT_SSL_VERIFYPEER(3) option. 41 42The CURLOPT_CAPATH(3) function apparently does not work in Windows due 43to some limitation in OpenSSL. 44 45The application does not have to keep the string around after setting this 46option. 47 48Using this option multiple times makes the last set string override the 49previous ones. Set it to NULL to disable its use again. 50 51The default value for this can be figured out with CURLINFO_CAPATH(3). 52 53# DEFAULT 54 55A path detected at build time. 56 57# %PROTOCOLS% 58 59# EXAMPLE 60 61~~~c 62int main(void) 63{ 64 CURL *curl = curl_easy_init(); 65 if(curl) { 66 CURLcode res; 67 curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/"); 68 curl_easy_setopt(curl, CURLOPT_CAPATH, "/etc/cert-dir"); 69 res = curl_easy_perform(curl); 70 curl_easy_cleanup(curl); 71 } 72} 73~~~ 74 75# %AVAILABILITY% 76 77# RETURN VALUE 78 79CURLE_OK if supported; or an error such as: 80 81CURLE_NOT_BUILT_IN - Not supported by the SSL backend 82 83CURLE_UNKNOWN_OPTION 84 85CURLE_OUT_OF_MEMORY 86
