cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: CURLOPT_CAPATH returning CURLE_NOT_BUILT_IN on MacOS 10.10

From: Daniel Stenberg <daniel_at_haxx.se>
Date: Wed, 26 Aug 2015 15:58:14 +0200 (CEST)

On Wed, 26 Aug 2015, Volker Schmid wrote:

>> ... meaning that the SecureTransport backend does not support
>> CURLOPT_CAPATH.
>
> Thanks for the answer. Ok, I understand. But on MacOS I also do not have
> some cacerts.pem file usable with CURLOPT_CAINFO. So how to make this
> working? Or do I need to provide this file?

What exactly do you want? I would expect SecureTransport to have its own trust
store that it will use unless you tell it otherwise, the same trust basically
all other apps in your system trust. Then I would assume that you don't have
to tell it anything as it certainly knows about those by default?

If not, you want to enforce your own set of CAs to trust and only trust these
CAs you know, and then the question becomes in what format do you have those
if you cannot put them into a single PEM and point to?

-- 
  / daniel.haxx.se
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette:  http://curl.haxx.se/mail/etiquette.html
Received on 2015-08-26