1--- 2c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. 3SPDX-License-Identifier: curl 4Title: CURLOPT_CAPATH 5Section: 3 6Source: libcurl 7See-also: 8 - CURLINFO_CAPATH (3) 9 - CURLOPT_CAINFO (3) 10 - CURLOPT_DEBUGFUNCTION (3) 11 - CURLOPT_STDERR (3) 12Protocol: 13 - TLS 14TLS-backend: 15 - OpenSSL 16 - GnuTLS 17 - mbedTLS 18 - wolfSSL 19--- 20 21# NAME 22 23CURLOPT_CAPATH - directory holding CA certificates 24 25# SYNOPSIS 26 27~~~c 28#include <curl/curl.h> 29 30CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CAPATH, char *capath); 31~~~ 32 33# DESCRIPTION 34 35Pass a char pointer to a null-terminated string naming a directory holding 36multiple CA certificates to verify the peer with. If libcurl is built against 37OpenSSL, the certificate directory must be prepared using the OpenSSL c_rehash 38utility. This makes sense only when used in combination with the 39CURLOPT_SSL_VERIFYPEER(3) option. 40 41The CURLOPT_CAPATH(3) function apparently does not work in Windows due 42to some limitation in OpenSSL. 43 44The application does not have to keep the string around after setting this 45option. 46 47The default value for this can be figured out with CURLINFO_CAPATH(3). 48 49# DEFAULT 50 51A default path detected at build time. 52 53# EXAMPLE 54 55~~~c 56int main(void) 57{ 58 CURL *curl = curl_easy_init(); 59 if(curl) { 60 CURLcode res; 61 curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/"); 62 curl_easy_setopt(curl, CURLOPT_CAPATH, "/etc/cert-dir"); 63 res = curl_easy_perform(curl); 64 curl_easy_cleanup(curl); 65 } 66} 67~~~ 68 69# AVAILABILITY 70 71This option is supported by the OpenSSL, GnuTLS, mbedTLS and wolfSSL backends. 72 73# RETURN VALUE 74 75CURLE_OK if supported; or an error such as: 76 77CURLE_NOT_BUILT_IN - Not supported by the SSL backend 78 79CURLE_UNKNOWN_OPTION 80 81CURLE_OUT_OF_MEMORY 82