CURLOPT_PROXY_CAINFO_BLOB - proxy Certificate Authority (CA) bundle in PEM
format
#include <curl/curl.h>
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_CAINFO_BLOB,
struct curl_blob *stblob);
This option is for connecting to an HTTPS proxy, not an HTTPS server.
Pass a pointer to a curl_blob structure, which contains information (pointer and
size) about a memory block with binary data of PEM encoded content holding one
or more certificates to verify the HTTPS proxy with.
If
CURLOPT_PROXY_SSL_VERIFYPEER(3) is zero and you avoid verifying the
server's certificate, is not needed.
This option overrides
CURLOPT_PROXY_CAINFO(3).
NULL
Used with HTTPS proxy
char *strpem; /* strpem must point to a PEM string */
CURL *curl = curl_easy_init();
if(curl) {
struct curl_blob blob;
curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
/* using an HTTPS proxy */
curl_easy_setopt(curl, CURLOPT_PROXY, "https://localhost:443");
blob.data = strpem;
blob.len = strlen(strpem);
blob.flags = CURL_BLOB_COPY;
curl_easy_setopt(curl, CURLOPT_PROXY_CAINFO_BLOB, &blob);
ret = curl_easy_perform(curl);
curl_easy_cleanup(curl);
}
Added in 7.77.0.
This option is supported by the rustls (since 7.82.0), OpenSSL, Secure Transport
and Schannel backends.
Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or
CURLE_OUT_OF_MEMORY if there was insufficient heap space.
CURLOPT_PROXY_CAINFO(3),
CURLOPT_PROXY_CAPATH(3),
CURLOPT_PROXY_SSL_VERIFYPEER(3),
CURLOPT_PROXY_SSL_VERIFYHOST(3),
CURLOPT_CAINFO(3),
CURLOPT_CAINFO_BLOB(3),
CURLOPT_CAPATH(3),
CURLOPT_SSL_VERIFYPEER(3),
CURLOPT_SSL_VERIFYHOST(3),