.\" ************************************************************************** .\" * _ _ ____ _ .\" * Project ___| | | | _ \| | .\" * / __| | | | |_) | | .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * .\" * Copyright (C) 1998 - 2022, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms .\" * are also available at https://curl.se/docs/copyright.html. .\" * .\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell .\" * copies of the Software, and permit persons to whom the Software is .\" * furnished to do so, under the terms of the COPYING file. .\" * .\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY .\" * KIND, either express or implied. .\" * .\" * SPDX-License-Identifier: curl .\" * .\" ************************************************************************** .\" .TH CURLOPT_CAINFO_BLOB 3 "31 March 2021" "libcurl 7.77.0" "curl_easy_setopt options" .SH NAME CURLOPT_CAINFO_BLOB \- Certificate Authority (CA) bundle in PEM format .SH SYNOPSIS .nf #include CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CAINFO_BLOB, struct curl_blob *stblob); .fi .SH DESCRIPTION Pass a pointer to a curl_blob structure, which contains information (pointer and size) about a memory block with binary data of PEM encoded content holding one or more certificates to verify the HTTPS server with. If \fICURLOPT_SSL_VERIFYPEER(3)\fP is zero and you avoid verifying the server's certificate, \fICURLOPT_CAINFO_BLOB(3)\fP is not needed. This option overrides \fICURLOPT_CAINFO(3)\fP. .SH DEFAULT NULL .SH PROTOCOLS All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc. .SH EXAMPLE .nf char *strpem; /* strpem must point to a PEM string */ CURL *curl = curl_easy_init(); if(curl) { struct curl_blob blob; curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/"); blob.data = strpem; blob.len = strlen(strpem); blob.flags = CURL_BLOB_COPY; curl_easy_setopt(curl, CURLOPT_CAINFO_BLOB, &blob); ret = curl_easy_perform(curl); curl_easy_cleanup(curl); } .fi .SH AVAILABILITY Added in 7.77.0. This option is supported by the BearSSL (since 7.79.0), mbedTLS (since 7.81.0), rustls (since 7.82.0), OpenSSL, Secure Transport and Schannel backends. .SH RETURN VALUE Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space. .SH "SEE ALSO" .BR CURLOPT_CAINFO "(3), " CURLOPT_CAPATH "(3), " .BR CURLOPT_SSL_VERIFYPEER "(3), " CURLOPT_SSL_VERIFYHOST "(3), "