embedaddon/curl/docs/cmdline-opts/cacert.d - annotate

Return to cacert.d CVS log

Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / curl / docs / cmdline-opts

Annotation of embedaddon/curl/docs/cmdline-opts/cacert.d, revision 1.1.1.1

1.1 misho 1: Long: cacert
2: Arg: <file>
3: Help: CA certificate to verify peer against
4: Protocols: TLS
5: ---
6: Tells curl to use the specified certificate file to verify the peer. The file
7: may contain multiple CA certificates. The certificate(s) must be in PEM
8: format. Normally curl is built to use a default file for this, so this option
9: is typically used to alter that default file.
10:
11: curl recognizes the environment variable named 'CURL_CA_BUNDLE' if it is
12: set, and uses the given path as a path to a CA cert bundle. This option
13: overrides that variable.
14:
15: The windows version of curl will automatically look for a CA certs file named
16: \'curl-ca-bundle.crt\', either in the same directory as curl.exe, or in the
17: Current Working Directory, or in any folder along your PATH.
18:
19: If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module
20: (libnsspem.so) needs to be available for this option to work properly.
21:
22: (iOS and macOS only) If curl is built against Secure Transport, then this
23: option is supported for backward compatibility with other SSL engines, but it
24: should not be set. If the option is not set, then curl will use the
25: certificates in the system and user Keychain to verify the peer, which is the
26: preferred method of verifying the peer's certificate chain.
27:
28: (Schannel only) This option is supported for Schannel in Windows 7 or later with
29: libcurl 7.60 or later. This option is supported for backward compatibility
30: with other SSL engines; instead it is recommended to use Windows' store of
31: root certificates (the default for Schannel).
32:
33: If this option is used several times, the last one will be used.

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>