.\" generated by cd2nroff 0.1 from CURLOPT_CAINFO_BLOB.md .TH CURLOPT_CAINFO_BLOB 3 "2024-11-18" libcurl .SH NAME CURLOPT_CAINFO_BLOB \- Certificate Authority (CA) bundle in PEM format .SH SYNOPSIS .nf #include CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CAINFO_BLOB, struct curl_blob *stblob); .fi .SH DESCRIPTION Pass a pointer to a curl_blob structure, which contains information (pointer and size) about a memory block with binary data of PEM encoded content holding one or more certificates to verify the HTTPS server with. If the blob is initialized with the flags member of struct curl_blob set to CURL_BLOB_COPY, the application does not have to keep the buffer around after setting this. If \fICURLOPT_SSL_VERIFYPEER(3)\fP is zero and you avoid verifying the server\(aqs certificate, \fICURLOPT_CAINFO_BLOB(3)\fP is not needed. This option overrides \fICURLOPT_CAINFO(3)\fP. .SH DEFAULT NULL .SH PROTOCOLS This functionality affects all TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc. This option works only with the following TLS backends: BearSSL, OpenSSL, Schannel, Secure Transport, mbedTLS, rustls and wolfSSL .SH EXAMPLE .nf #include int main(void) { char *strpem; /* strpem must point to a PEM string */ CURL *curl = curl_easy_init(); if(curl) { CURLcode res; struct curl_blob blob; curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/"); blob.data = strpem; blob.len = strlen(strpem); blob.flags = CURL_BLOB_COPY; curl_easy_setopt(curl, CURLOPT_CAINFO_BLOB, &blob); res = curl_easy_perform(curl); curl_easy_cleanup(curl); } } .fi .SH HISTORY This option is supported by the BearSSL (since 7.79.0), mbedTLS (since 7.81.0), rustls (since 7.82.0), wolfSSL (since 8.2.0), OpenSSL, Secure Transport and Schannel backends. .SH AVAILABILITY Added in curl 7.77.0 .SH RETURN VALUE Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space. .SH SEE ALSO .BR CURLOPT_CAINFO (3), .BR CURLOPT_CAPATH (3), .BR CURLOPT_SSL_VERIFYHOST (3), .BR CURLOPT_SSL_VERIFYPEER (3)