cURL / Mailing Lists / curl-library / Single Mail


Re: API to include cacert using a C string

From: bch <>
Date: Fri, 8 Jan 2016 23:57:47 -0800

I feel like re-purposing CAINFO or CAPATH has a smell about it.
Something like CURLOPT_CARAW or CURLOPT_CAEMBEDDED sounds more
reasonable to me.


On 1/8/16, Thomas Glanzmann <> wrote:
> Hello Daniel,
>> I will gladly accept patches that introduce it. Have you considered
>> the API/option for passing the cacert bundle to libcurl?
> I have thought about this as well. I think we have two options:
> - Make CURLOPT_CAINFO and/or CURLOPT_CAPATH not only accept a
> path as they do today but also let them accept one or more
> X509 PEM encoded certificates. Try to write a generic wrapper
> function that works with all SSL backends, if that it is not
> possible write one per SSL backend.
> - Introduce a new CURLOPT which only accepts one or more X509
> PEM certificates. Maybe CURLOPT_EMBEDCA or something similar.
> Maybe you have another and better idea, than let me know.
> Cheers,
> Thomas
> -------------------------------------------------------------------
> List admin:
> Etiquette:
List admin:
Received on 2016-01-09