NAME

CURLOPT_CAINFO_BLOB - Certificate Authority (CA) bundle in PEM format

SYNOPSIS

#include <curl/curl.h>


CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CAINFO_BLOB,
                          struct curl_blob *stblob);

DESCRIPTION

Pass a pointer to a curl_blob structure, which contains information (pointer and size) about a memory block with binary data of PEM encoded content holding one or more certificates to verify the HTTPS server with.
 
If CURLOPT_SSL_VERIFYPEER(3) is zero and you avoid verifying the server's certificate, is not needed.
 
This option overrides CURLOPT_CAINFO(3).

DEFAULT

NULL

PROTOCOLS

All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.

EXAMPLE

char *strpem; /* strpem must point to a PEM string */
CURL *curl = curl_easy_init();
if(curl) {
  struct curl_blob blob;
  curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
  blob.data = strpem;
  blob.len = strlen(strpem);
  blob.flags = CURL_BLOB_COPY;
  curl_easy_setopt(curl, CURLOPT_CAINFO_BLOB, &blob);
  ret = curl_easy_perform(curl);
  curl_easy_cleanup(curl);
}

AVAILABILITY

Added in 7.77.0.
 
This option is supported by the BearSSL (since 7.79.0), mbedTLS (since 7.81.0), rustls (since 7.82.0), OpenSSL, Secure Transport and Schannel backends.

RETURN VALUE

Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space.

SEE ALSO

CURLOPT_CAINFO(3), CURLOPT_CAPATH(3), CURLOPT_SSL_VERIFYPEER(3), CURLOPT_SSL_VERIFYHOST(3),

Recommended readings

Pages related to CURLOPT_CAINFO_BLOB you should read also:
CURLOPT_CAINFO(3) CURLOPT_CAPATH(3) CURLOPT_SSL_VERIFYHOST(3) CURLOPT_SSL_VERIFYPEER(3)

Questions & Answers

Helpful answers and articles about CURLOPT_CAINFO_BLOB you may found on these sites:
Stack Overflow Server Fault Super User Unix & Linux Ask Ubuntu Network Engineering DevOps Raspberry Pi Webmasters Google Search