mirror of
https://github.com/curl/curl.git
synced 2025-01-06 13:44:52 +08:00
8a3740bc8e
Add the ability to embed a CA bundle into the curl binary. It is used when no other runtime or build-time option set one. This helps curl-for-win macOS and Linux builds to run standalone, and also helps Windows builds to avoid picking up the CA bundle from an arbitrary (possibly world-writable) location (though this behaviour is not currently disablable). Usage: - cmake: `-DCURL_CA_EMBED=/path/to/curl-ca-bundle.crt` - autotools: `--with-ca-embed=/path/to/curl-ca-bundle.crt` - Makefile.mk: `CURL_CA_EMBED=/path/to/curl-ca-bundle.crt` Also add new command-line option `--dump-ca-embed` to dump the embedded CA bundle to standard output. Closes #14059
983 B
983 B
c | SPDX-License-Identifier | Long | Help | Arg | Added | Category | Multi | See-also | Example | |||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. | curl | proxy-capath | CA directory to verify proxy against | <dir> | 7.52.0 | proxy tls | single |
|
|
--proxy-capath
Same as --capath but used in HTTPS proxy context.
Use the specified certificate directory to verify the proxy. Multiple paths
can be provided by separated with colon (:
) (e.g. path1:path2:path3
). The
certificates must be in PEM format, and if curl is built against OpenSSL, the
directory must have been processed using the c_rehash utility supplied with
OpenSSL. Using --proxy-capath can allow OpenSSL-powered curl to make
SSL-connections much more efficiently than using --proxy-cacert if the
--proxy-cacert file contains many CA certificates.
If this option is set, the default capath value is ignored.