curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Programmatically provide CA bundle?

From: Tom N via curl-library <curl-library_at_cool.haxx.se>
Date: Tue, 28 Apr 2020 11:14:07 -0400 (EDT)

I'm using libcurl with OpenSSL on Linux, Windows, and Mac to post data to a secure website. I'd like to provide the CA cert bundle directly via an API instead of using the CURLOPT_CAINFO option to specify a file on disk, primarily to avoid errors due to the bundle file not being found. Is that possible?
If not, is there some alternative method to accomplish this? (The app only posts data to one domain, so only a small cert chain is needed.)

Also, what's the behavior if the CURLOPT_CAINFO option is used and a filename is specified with no path info? Looks like the curl command line tool on Windows will search various locations (https://curl.haxx.se/docs/sslcerts.html). Will libcurl behave the same? And if so, will it behave similarly across all platforms (ie. at least looking in the application's directory, the current working directory, and all directories in PATH)?

Thanks!
-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2020-04-28