1--- 2c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. 3SPDX-License-Identifier: curl 4Title: CURLOPT_PROXY_CAPATH 5Section: 3 6Source: libcurl 7See-also: 8 - CURLOPT_CAINFO (3) 9 - CURLOPT_DEBUGFUNCTION (3) 10 - CURLOPT_PROXY_CAINFO (3) 11 - CURLOPT_PROXY_SSL_VERIFYHOST (3) 12 - CURLOPT_STDERR (3) 13Protocol: 14 - TLS 15TLS-backend: 16 - OpenSSL 17 - GnuTLS 18 - mbedTLS 19Added-in: 7.52.0 20--- 21 22# NAME 23 24CURLOPT_PROXY_CAPATH - directory holding HTTPS proxy CA certificates 25 26# SYNOPSIS 27 28~~~c 29#include <curl/curl.h> 30 31CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_CAPATH, char *capath); 32~~~ 33 34# DESCRIPTION 35 36Pass a char pointer to a null-terminated string naming a directory holding 37multiple CA certificates to verify the HTTPS proxy with. If libcurl is built 38against OpenSSL, the certificate directory must be prepared using the OpenSSL 39**c_rehash** utility. This makes sense only when 40CURLOPT_PROXY_SSL_VERIFYPEER(3) is enabled (which it is by default). 41 42The application does not have to keep the string around after setting this 43option. 44 45Using this option multiple times makes the last set string override the 46previous ones. Set it to NULL to disable its use again and switch back to 47internal default. 48 49The default value for this can be figured out with CURLINFO_CAPATH(3). 50 51# DEFAULT 52 53NULL 54 55# %PROTOCOLS% 56 57# EXAMPLE 58 59~~~c 60int main(void) 61{ 62 CURL *curl = curl_easy_init(); 63 if(curl) { 64 CURLcode res; 65 curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/"); 66 /* using an HTTPS proxy */ 67 curl_easy_setopt(curl, CURLOPT_PROXY, "https://localhost:443"); 68 curl_easy_setopt(curl, CURLOPT_PROXY_CAPATH, "/etc/cert-dir"); 69 res = curl_easy_perform(curl); 70 curl_easy_cleanup(curl); 71 } 72} 73~~~ 74 75# %AVAILABILITY% 76 77# RETURN VALUE 78 79CURLE_OK if supported; or an error such as: 80 81CURLE_NOT_BUILT_IN - Not supported by the SSL backend 82 83CURLE_UNKNOWN_OPTION 84 85CURLE_OUT_OF_MEMORY 86
