Skip to content

Commit

Permalink
docs: Clarify CURLOPT_CAINFO_BLOB with VERIFYPEER
Browse files Browse the repository at this point in the history 
If CURLOPT_SSL_VERIFYPEER is disabled and CURLOPT_CAINFO_BLOB is
provided, certificates will not be loaded from the BLOB into the TLS
backend. This is an important interaction if CURLOPT_SSL_CTX_FUNCTION
is used for custom TLS verification.
  • Loading branch information
Kyle Daling authored and Kyle Daling committed Aug 2, 2023
1 parent 20f4e94 commit 93306b6
Showing 1 changed file with 3 additions and 2 deletions.
5 changes: 3 additions & 2 deletions docs/libcurl/opts/CURLOPT_CAINFO_BLOB.3
View file
Expand Up @@ -37,8 +37,9 @@ Pass a pointer to a curl_blob structure, which contains information (pointer
and size) about a memory block with binary data of PEM encoded content holding
one or more certificates to verify the HTTPS server with.

If \fICURLOPT_SSL_VERIFYPEER(3)\fP is zero and you avoid verifying the
server's certificate, \fICURLOPT_CAINFO_BLOB(3)\fP is not needed.
If \fICURLOPT_SSL_VERIFYPEER(3)\fP is zero and you avoid verifying the server's
certificate, any certificates provided by using \fICURLOPT_CAINFO_BLOB(3)\fP
are not used.

This option overrides \fICURLOPT_CAINFO(3)\fP.
.SH DEFAULT
Expand Down

0 comments on commit 93306b6

Please sign in to comment.