Section: curl_easy_setopt options (3)
Updated: September 10, 2017
CURLOPT_CAPATH - specify directory holding CA certificates
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CAPATH, char *capath);
Pass a char * to a zero terminated string naming a directory holding multiple
CA certificates to verify the peer with. If libcurl is built against OpenSSL,
the certificate directory must be prepared using the openssl c_rehash utility.
This makes sense only when used in combination with the
The CURLOPT_CAPATH(3) function apparently does not work in Windows due
to some limitation in openssl.
The application does not have to keep the string around after setting this
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
curl_easy_setopt(curl, CURLOPT_CAPATH, "/etc/cert-dir");
ret = curl_easy_perform(curl);
This option is supported by the OpenSSL, GnuTLS, PolarSSL and mbedTLS
(since 7.56.0) backends. The NSS backend provides the option only for
CURLE_OK if supported; or an error such as:
CURLE_NOT_BUILT_IN - Not supported by the SSL backend