Go to main content

man pages section 3: Library Interfaces and Headers

Exit Print View

Updated: Thursday, June 13, 2019
 
 

CURLOPT_PROXY_CAINFO (3)

Name

CURLOPT_PROXY_CAINFO - path to proxy Certificate Authority (CA) bundle

Synopsis

#include <curl/curl.h>

CURLcode   curl_easy_setopt(CURL  *handle,  CURLOPT_PROXY_CAINFO,  char
*path);

Description

CURLOPT_PROXY_CAINFO(3)    curl_easy_setopt options    CURLOPT_PROXY_CAINFO(3)



NAME
       CURLOPT_PROXY_CAINFO - path to proxy Certificate Authority (CA) bundle

SYNOPSIS
       #include <curl/curl.h>

       CURLcode   curl_easy_setopt(CURL  *handle,  CURLOPT_PROXY_CAINFO,  char
       *path);

DESCRIPTION
       This option is for connecting to an HTTPS proxy, not an HTTPS server.

       Pass a char * to a zero terminated string naming a file holding one  or
       more certificates to verify the HTTPS proxy with.

       If  CURLOPT_PROXY_SSL_VERIFYPEER(3) is zero and you avoid verifying the
       server's certificate, CURLOPT_PROXY_CAINFO(3) need not even indicate an
       accessible file.

       This option is by default set to the system path where libcurl's cacert
       bundle is assumed to be stored, as established at build time.

       If curl is built against the NSS SSL library, the NSS PEM PKCS#11  mod-
       ule  (libnsspem.so) needs to be available for this option to work prop-
       erly.

       (iOS and macOS only) If curl is built against  Secure  Transport,  then
       this  option  is  supported  for  backward compatibility with other SSL
       engines, but it should not be set. If the option is not set, then  curl
       will use the certificates in the system and user Keychain to verify the
       peer, which is the preferred method of verifying the peer's certificate
       chain.

       The  application  does not have to keep the string around after setting
       this option.

DEFAULT
       Built-in system specific

PROTOCOLS
       Used with HTTPS proxy

EXAMPLE
       CURL *curl = curl_easy_init();
       if(curl) {
         curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
         /* using an HTTPS proxy */
         curl_easy_setopt(curl, CURLOPT_PROXY, "https://localhost:443");
         curl_easy_setopt(curl, CURLOPT_PROXY_CAINFO, "/etc/certs/cabundle.pem");
         ret = curl_easy_perform(curl);
         curl_easy_cleanup(curl);
       }

AVAILABILITY
       Added in 7.52.0

       For TLS  backends  that  don't  support  certificate  files,  the  CUR-
       LOPT_PROXY_CAINFO(3)      option      is      ignored.     Refer     to
       https://curl.haxx.se/docs/ssl-compared.html

RETURN VALUE
       Returns CURLE_OK if the option is  supported,  CURLE_UNKNOWN_OPTION  if
       not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space.


ATTRIBUTES
       See attributes(7) for descriptions of the following attributes:


       +---------------+------------------+
       |ATTRIBUTE TYPE | ATTRIBUTE VALUE  |
       +---------------+------------------+
       |Availability   | web/curl         |
       +---------------+------------------+
       |Stability      | Uncommitted      |
       +---------------+------------------+
SEE ALSO
       CURLOPT_PROXY_CAPATH(3),      CURLOPT_PROXY_SSL_VERIFYPEER(3),     CUR-
       LOPT_PROXY_SSL_VERIFYHOST(3),   CURLOPT_CAPATH(3),    CURLOPT_SSL_VERI-
       FYPEER(3), CURLOPT_SSL_VERIFYHOST(3),



NOTES
       This     software     was    built    from    source    available    at
       https://github.com/oracle/solaris-userland.   The  original   community
       source    was    downloaded    from    https://github.com/curl/curl/ar-
       chive/curl-7_64_0.zip

       Further information about this software can be found on the open source
       community website at http://curl.haxx.se/.



libcurl 7.52.0                    16 Nov 2016          CURLOPT_PROXY_CAINFO(3)