DOC HOME SITE MAP MAN PAGES GNU INFO SEARCH PRINT BOOK
 

CURLOPT_PROXY_CAINFO(3)

CURLOPT_PROXY_CAINFO(3curl_easy_setopt optionCURLOPT_PROXY_CAINFO(3)

NAME

     CURLOPT_PROXY_CAINFO - path to proxy  Certificate  Authority
     (CA) bundle

SYNOPSIS

     #include <curl/curl.h>

     CURLcode           curl_easy_setopt(CURL            *handle,
     CURLOPT_PROXY_CAINFO, char *path);

DESCRIPTION

     This option is for connecting to a HTTPS proxy, not a  HTTPS
     server.

     Pass a char * to a zero  terminated  string  naming  a  file
     holding  one  or more certificates to verify the HTTPS proxy
     with.

     If CURLOPT_PROXY_SSL_VERIFYPEER(3) is  zero  and  you  avoid
     verifying  the server's certificate, CURLOPT_PROXY_CAINFO(3)
     need not even indicate an accessible file.

     This option is by default  set  to  the  system  path  where
     libcurl's  cacert  bundle  is assumed to be stored, as esta-
     blished at build time.

     If curl is built against the NSS SSL library,  the  NSS  PEM
     PKCS#11 module (libnsspem.so) needs to be available for this
     option to work properly.

     (iOS and macOS only) If curl is built against  Secure  Tran-
     sport,  then  this option is supported for backward compati-
     bility with other SSL engines, but it should not be set.  If
     the  option  is not set, then curl will use the certificates
     in the system and user Keychain to verify the peer, which is
     the  preferred  method  of  verifying the peer's certificate
     chain.

     The application does not have  to  keep  the  string  around
     after setting this option.

DEFAULT

     Built-in system specific

PROTOCOLS

     Used with HTTPS proxy

EXAMPLE

     CURL *curl = curl_easy_init();
     if(curl) {
       curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
       /* using a HTTPS proxy */

libcurl 7.58.0      Last change: May 30, 2017                   1

CURLOPT_PROXY_CAINFO(3curl_easy_setopt optionCURLOPT_PROXY_CAINFO(3)


       curl_easy_setopt(curl, CURLOPT_PROXY, "https://localhost:443");
       curl_easy_setopt(curl, CURLOPT_PROXY_CAINFO, "/etc/certs/cabundle.pem");
       ret = curl_easy_perform(curl);
       curl_easy_cleanup(curl);
     }

AVAILABILITY

     Added in 7.52.0

     For TLS backends that don't support certificate  files,  the
     CURLOPT_PROXY_CAINFO(3)   option   is   ignored.   Refer  to
     https://curl.haxx.se/docs/ssl-compared.html

RETURN VALUE

     Returns   CURLE_OK   if    the    option    is    supported,
     CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there
     was insufficient heap space.

SEE ALSO

     CURLOPT_PROXY_CAPATH(3),    CURLOPT_PROXY_SSL_VERIFYPEER(3),
     CURLOPT_PROXY_SSL_VERIFYHOST(3),          CURLOPT_CAPATH(3),
     CURLOPT_SSL_VERIFYPEER(3), CURLOPT_SSL_VERIFYHOST(3),

libcurl 7.58.0      Last change: May 30, 2017                   2
Man(1) output converted with man2html