| xf.li | 6c8fc1e | 2023-08-12 00:11:09 -0700 | [diff] [blame] | 1 | c: Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al. |
| 2 | SPDX-License-Identifier: curl |
| 3 | Long: capath |
| 4 | Arg: <dir> |
| 5 | Help: CA directory to verify peer against |
| 6 | Protocols: TLS |
| 7 | Category: tls |
| 8 | See-also: cacert insecure |
| 9 | Example: --capath /local/directory $URL |
| 10 | Added: 7.9.8 |
| 11 | Multi: single |
| 12 | --- |
| 13 | Tells curl to use the specified certificate directory to verify the |
| 14 | peer. Multiple paths can be provided by separating them with ":" (e.g. |
| 15 | "path1:path2:path3"). The certificates must be in PEM format, and if curl is |
| 16 | built against OpenSSL, the directory must have been processed using the |
| 17 | c_rehash utility supplied with OpenSSL. Using --capath can allow |
| 18 | OpenSSL-powered curl to make SSL-connections much more efficiently than using |
| 19 | --cacert if the --cacert file contains many CA certificates. |
| 20 | |
| 21 | If this option is set, the default capath value will be ignored. |