1CURLOPT_PROXY_CAINFO(3)    curl_easy_setopt options    CURLOPT_PROXY_CAINFO(3)
2
3
4

NAME

6       CURLOPT_PROXY_CAINFO - path to proxy Certificate Authority (CA) bundle
7

SYNOPSIS

9       #include <curl/curl.h>
10
11       CURLcode   curl_easy_setopt(CURL  *handle,  CURLOPT_PROXY_CAINFO,  char
12       *path);
13

DESCRIPTION

15       This option is for connecting to an HTTPS proxy, not an HTTPS server.
16
17       Pass a char * to a zero terminated string naming a file holding one  or
18       more certificates to verify the HTTPS proxy with.
19
20       If  CURLOPT_PROXY_SSL_VERIFYPEER(3) is zero and you avoid verifying the
21       server's certificate, CURLOPT_PROXY_CAINFO(3) need not even indicate an
22       accessible file.
23
24       This option is by default set to the system path where libcurl's cacert
25       bundle is assumed to be stored, as established at build time.
26
27       If curl is built against the NSS SSL library, the NSS PEM PKCS#11  mod‐
28       ule  (libnsspem.so) needs to be available for this option to work prop‐
29       erly.
30
31       (iOS and macOS only) If curl is built against  Secure  Transport,  then
32       this  option  is  supported  for  backward compatibility with other SSL
33       engines, but it should not be set. If the option is not set, then  curl
34       will use the certificates in the system and user Keychain to verify the
35       peer, which is the preferred method of verifying the peer's certificate
36       chain.
37
38       The  application  does not have to keep the string around after setting
39       this option.
40

DEFAULT

42       Built-in system specific
43

PROTOCOLS

45       Used with HTTPS proxy
46

EXAMPLE

48       CURL *curl = curl_easy_init();
49       if(curl) {
50         curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
51         /* using an HTTPS proxy */
52         curl_easy_setopt(curl, CURLOPT_PROXY, "https://localhost:443");
53         curl_easy_setopt(curl, CURLOPT_PROXY_CAINFO, "/etc/certs/cabundle.pem");
54         ret = curl_easy_perform(curl);
55         curl_easy_cleanup(curl);
56       }
57

AVAILABILITY

59       Added in 7.52.0
60
61       For TLS  backends  that  don't  support  certificate  files,  the  CUR‐
62       LOPT_PROXY_CAINFO(3)      option      is      ignored.     Refer     to
63       https://curl.haxx.se/docs/ssl-compared.html
64

RETURN VALUE

66       Returns CURLE_OK if the option is  supported,  CURLE_UNKNOWN_OPTION  if
67       not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space.
68

SEE ALSO

70       CURLOPT_PROXY_CAPATH(3),      CURLOPT_PROXY_SSL_VERIFYPEER(3),     CUR‐
71       LOPT_PROXY_SSL_VERIFYHOST(3),   CURLOPT_CAPATH(3),    CURLOPT_SSL_VERI‐
72       FYPEER(3), CURLOPT_SSL_VERIFYHOST(3),
73
74
75
76libcurl 7.69.1                  April 17, 2018         CURLOPT_PROXY_CAINFO(3)
Impressum