cURL / Mailing Lists / curl-library / Single Mail


Support for openssl trusted_first flag

From: Robert Foreman <>
Date: Tue, 20 Dec 2011 17:47:11 +0000

Dear all,

Openssl defines a flag, -trusted_first, which causes it to verify
certificates using a trusted certificate store, even if an untrusted
store is also available. This is described in a patch at

I've created a patch for cURL that adds a --trusted_first flag, allowing
(lib)curl to use this openssl functionality.

It's probably not perfect, and I haven't updated all the man pages and
help, but it seems to work and I hope it's useful.

The patch applies cleanly to cURL 7.23.1.

Rob Foreman

Rob Foreman
BBC Future Media & Technology
D221 Centre House, 56 Wood Lane, LONDON W12 7SB
+44 303 040 9587

List admin:

Received on 2011-12-20