Commit b235d5ad authored by Alessandro Ghedini's avatar Alessandro Ghedini Committed by Daniel Stenberg
Browse files

docs: improve description of the --capath option 

Document the possibility of providing multiple values using the ":"
separator, and the fact that the default value will be ignored if the
option is used.
parent ee3d3adc

docs/curl.1

+9 −7
Original line number Diff line number Diff line
@@ -434,13 +434,15 @@ may be loaded. 
If this option is used several times, the last one will be used.

.IP "--capath <CA certificate directory>"

(SSL) Tells curl to use the specified certificate directory to verify the

peer. The certificates must be in PEM format, and if curl is built against

OpenSSL, the directory must have been processed using the c_rehash utility

supplied with OpenSSL. Using \fI--capath\fP can allow OpenSSL-powered curl to

make SSL-connections much more efficiently than using \fI--cacert\fP if the

\fI--cacert\fP file contains many CA certificates.



If this option is used several times, the last one will be used.

peer. Multiple paths can be provided by separating them with ":" (e.g.

"path1:path2:path3"). The certificates must be in PEM format, and if curl

is built against OpenSSL, the directory must have been processed using the

c_rehash utility supplied with OpenSSL. Using \fI--capath\fP can allow

OpenSSL-powered curl to make SSL-connections much more efficiently than

using \fI--cacert\fP if the \fI--cacert\fP file contains many CA certificates.



If this option is set, the default capath value will be ignored, and if it

is used several times, the last one will be used.

.IP "-f, --fail"

(HTTP) Fail silently (no output at all) on server errors. This is mostly done

to better enable scripts etc to better deal with failed attempts. In