.\" ************************************************************************** .\" * _ _ ____ _ .\" * Project ___| | | | _ \| | .\" * / __| | | | |_) | | .\" * | (__| |_| | _ <| |___ .\" * \___|\___/|_| \_\_____| .\" * .\" * Copyright (C) 1998 - 2021, Daniel Stenberg, , et al. .\" * .\" * This software is licensed as described in the file COPYING, which .\" * you should have received as part of this distribution. The terms .\" * are also available at https://curl.se/docs/copyright.html. .\" * .\" * You may opt to use, copy, modify, merge, publish, distribute and/or sell .\" * copies of the Software, and permit persons to whom the Software is .\" * furnished to do so, under the terms of the COPYING file. .\" * .\" * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY .\" * KIND, either express or implied. .\" * .\" ************************************************************************** .\" .TH CURLOPT_CAPATH 3 "17 Jun 2014" "libcurl 7.37.0" "curl_easy_setopt options" .SH NAME CURLOPT_CAPATH \- specify directory holding CA certificates .SH SYNOPSIS #include CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CAPATH, char *capath); .SH DESCRIPTION Pass a char * to a null-terminated string naming a directory holding multiple CA certificates to verify the peer with. If libcurl is built against OpenSSL, the certificate directory must be prepared using the openssl c_rehash utility. This makes sense only when used in combination with the \fICURLOPT_SSL_VERIFYPEER(3)\fP option. The \fICURLOPT_CAPATH(3)\fP function apparently does not work in Windows due to some limitation in openssl. The application does not have to keep the string around after setting this option. .SH DEFAULT A default path detected at build time. .SH PROTOCOLS All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc. .SH EXAMPLE .nf CURL *curl = curl_easy_init(); if(curl) { curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/"); curl_easy_setopt(curl, CURLOPT_CAPATH, "/etc/cert-dir"); ret = curl_easy_perform(curl); curl_easy_cleanup(curl); } .fi .SH AVAILABILITY This option is supported by the OpenSSL, GnuTLS and mbedTLS (since 7.56.0) backends. The NSS backend provides the option only for backward compatibility. .SH RETURN VALUE CURLE_OK if supported; or an error such as: CURLE_NOT_BUILT_IN - Not supported by the SSL backend CURLE_UNKNOWN_OPTION CURLE_OUT_OF_MEMORY .SH "SEE ALSO" .BR CURLOPT_CAINFO "(3), " .BR CURLOPT_STDERR "(3), " CURLOPT_DEBUGFUNCTION "(3), "