Pardon the simple question, but I need to check if my head is
straight... If I am connecting to an HTTPS site, using my own CA, and
only wish to check the validity of the server's certificate against the
CA certificate, this is what I would do (with my_ca_cert =
"cacert.pem"), right?

  curl_easy_setopt(curl, CURLOPT_URL, my_url);
  curl_easy_setopt(curl, CURLOPT_CAINFO, my_ca_cert);
  curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 2);
  curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 1);
  curl_easy_perform(curl);

Now, ONLY if I wanted to use a client certificate to prove my own
identity would I do the following (with my_client_cert = "client.pem"),
right?

  curl_easy_setopt(curl, CURLOPT_SSLCERT, my_client_cert);
  curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM");
  curl_easy_setopt(curl, CURLOPT_SSLKEYPASSWD, "my pass phrase");
  ...
  curl_easy_perform(curl);

Please confirm that I am right or tell me where I went wrong... Thanks
in advance and best regards,

-- 
Gonzalo Diethelm
gonzalo.diethelm_at_aditiva.com