quickjs-tart

quickjs-based runtime for wallet-core logic
Log | Files | Refs | README | LICENSE

CURLOPT_ISSUERCERT.md (2139B)

      1 ---
      2 c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
      3 SPDX-License-Identifier: curl
      4 Title: CURLOPT_ISSUERCERT
      5 Section: 3
      6 Source: libcurl
      7 See-also:
      8   - CURLOPT_CRLFILE (3)
      9   - CURLOPT_SSL_VERIFYHOST (3)
     10   - CURLOPT_SSL_VERIFYPEER (3)
     11 Protocol:
     12   - TLS
     13 TLS-backend:
     14   - OpenSSL
     15   - GnuTLS
     16 Added-in: 7.19.0
     17 ---
     18 
     19 # NAME
     20 
     21 CURLOPT_ISSUERCERT - issuer SSL certificate filename
     22 
     23 # SYNOPSIS
     24 
     25 ~~~c
     26 #include <curl/curl.h>
     27 
     28 CURLcode curl_easy_setopt(CURL *handle, CURLOPT_ISSUERCERT, char *file);
     29 ~~~
     30 
     31 # DESCRIPTION
     32 
     33 Pass a char pointer to a null-terminated string naming a *file* holding a CA
     34 certificate in PEM format. If the option is set, an additional check against
     35 the peer certificate is performed to verify the issuer is indeed the one
     36 associated with the certificate provided by the option. This additional check
     37 is useful in multi-level PKI where one needs to enforce that the peer
     38 certificate is from a specific branch of the tree.
     39 
     40 This option makes sense only when used in combination with the
     41 CURLOPT_SSL_VERIFYPEER(3) option. Otherwise, the result of the check is
     42 not considered as failure.
     43 
     44 A specific error code (CURLE_SSL_ISSUER_ERROR) is defined with the option,
     45 which is returned if the setup of the SSL/TLS session has failed due to a
     46 mismatch with the issuer of peer certificate (CURLOPT_SSL_VERIFYPEER(3)
     47 has to be set too for the check to fail). (Added in 7.19.0)
     48 
     49 Using this option multiple times makes the last set string override the
     50 previous ones. Set it to NULL to disable its use again.
     51 
     52 The application does not have to keep the string around after setting this
     53 option.
     54 
     55 # DEFAULT
     56 
     57 NULL
     58 
     59 # %PROTOCOLS%
     60 
     61 # EXAMPLE
     62 
     63 ~~~c
     64 int main(void)
     65 {
     66   CURL *curl = curl_easy_init();
     67   if(curl) {
     68     CURLcode res;
     69     curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
     70     curl_easy_setopt(curl, CURLOPT_ISSUERCERT, "/etc/certs/cacert.pem");
     71     res = curl_easy_perform(curl);
     72     curl_easy_cleanup(curl);
     73   }
     74 }
     75 ~~~
     76 
     77 # %AVAILABILITY%
     78 
     79 # RETURN VALUE
     80 
     81 curl_easy_setopt(3) returns a CURLcode indicating success or error.
     82 
     83 CURLE_OK (0) means everything was OK, non-zero means an error occurred, see
     84 libcurl-errors(3).