mirror of
https://github.com/curl/curl.git
synced 2024-12-21 06:50:10 +08:00
f81f351b9a
Use these words and casing more consistently across text, comments and one curl tool output: AIX, ALPN, ANSI, BSD, Cygwin, Darwin, FreeBSD, GitHub, HP-UX, Linux, macOS, MS-DOS, MSYS, MinGW, NTLM, POSIX, Solaris, UNIX, Unix, Unicode, WINE, WebDAV, Win32, winbind, WinIDN, Windows, Windows CE, Winsock. Mostly OS names and a few more. Also a couple of other minor text fixups. Closes #14360
44 lines
1.6 KiB
Markdown
44 lines
1.6 KiB
Markdown
---
|
|
c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
|
|
SPDX-License-Identifier: curl
|
|
Long: cacert
|
|
Arg: <file>
|
|
Help: CA certificate to verify peer against
|
|
Protocols: TLS
|
|
Category: tls
|
|
Added: 7.5
|
|
Multi: single
|
|
See-also:
|
|
- capath
|
|
- dump-ca-embed
|
|
- insecure
|
|
Example:
|
|
- --cacert CA-file.txt $URL
|
|
---
|
|
|
|
# `--cacert`
|
|
|
|
Use the specified certificate file to verify the peer. The file may contain
|
|
multiple CA certificates. The certificate(s) must be in PEM format. Normally
|
|
curl is built to use a default file for this, so this option is typically used
|
|
to alter that default file.
|
|
|
|
curl recognizes the environment variable named 'CURL_CA_BUNDLE' if it is set
|
|
and the TLS backend is not Schannel, and uses the given path as a path to a CA
|
|
cert bundle. This option overrides that variable.
|
|
|
|
The Windows version of curl automatically looks for a CA certs file named
|
|
'curl-ca-bundle.crt', either in the same directory as curl.exe, or in the
|
|
Current Working Directory, or in any folder along your PATH.
|
|
|
|
(iOS and macOS only) If curl is built against Secure Transport, then this
|
|
option is supported for backward compatibility with other SSL engines, but it
|
|
should not be set. If the option is not set, then curl uses the certificates
|
|
in the system and user Keychain to verify the peer, which is the preferred
|
|
method of verifying the peer's certificate chain.
|
|
|
|
(Schannel only) This option is supported for Schannel in Windows 7 or later
|
|
(added in 7.60.0). This option is supported for backward compatibility with
|
|
other SSL engines; instead it is recommended to use Windows' store of root
|
|
certificates (the default for Schannel).
|