cacert.md (1396B)
1 --- 2 c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. 3 SPDX-License-Identifier: curl 4 Long: cacert 5 Arg: <file> 6 Help: CA certificate to verify peer against 7 Protocols: TLS 8 Category: tls 9 Added: 7.5 10 Multi: single 11 See-also: 12 - capath 13 - dump-ca-embed 14 - insecure 15 Example: 16 - --cacert CA-file.txt $URL 17 --- 18 19 # `--cacert` 20 21 Use the specified certificate file to verify the peer. The file may contain 22 multiple CA certificates. The certificate(s) must be in PEM format. Normally 23 curl is built to use a default file for this, so this option is typically used 24 to alter that default file. 25 26 curl recognizes the environment variable named 'CURL_CA_BUNDLE' if it is set 27 and the TLS backend is not Schannel, and uses the given path as a path to a CA 28 cert bundle. This option overrides that variable. 29 30 (Windows) curl automatically looks for a CA certs file named 31 'curl-ca-bundle.crt', either in the same directory as curl.exe, or in the 32 Current Working Directory, or in any folder along your PATH. 33 34 curl 8.11.0 added a build-time option to disable this search behavior, and 35 another option to restrict search to the application's directory. 36 37 (Schannel) This option is supported for Schannel in Windows 7 or later (added 38 in 7.60.0). This option is supported for backward compatibility with other SSL 39 engines; instead it is recommended to use Windows' store of root certificates 40 (the default for Schannel).