Components All New MacOS Windows Linux iOS
Examples Mac & Win Server Client Guides Statistic FMM Blog Deprecated Old

CURL.SetOptionIssuerCert

Sets the file path for the CA certificate in PEM format.

Component Version macOS Windows Linux Server iOS SDK
CURL 2.5 ✅ Yes ✅ Yes ✅ Yes ✅ Yes ✅ Yes
MBS( "CURL.SetOptionIssuerCert"; curl; Value { ; Encoding } )   More

Parameters

Parameter Description Example Flags
curl The CURL session handle. $curl
Value The CA certificate file path. "/tmp/cert.pem"
Encoding The text encoding for text parameter.
Default is UTF-8.
Possible encoding names: ANSI, ISO-8859-1, Latin1, Mac, Native, UTF-8, DOS, Hex, Base64 or Windows. More listed in the FAQ.
"UTF8" Optional

Result

Returns "OK" on success.

Description

Sets the file path for the CA certificate in PEM format.
If the option is set, an additional check against the peer certificate is performed to verify the issuer is indeed the one associated with the certificate provided by the option. This additional check is useful in multi-level PKI where one needs to enforce that the peer certificate is from a specific branch of the tree.

This option makes sense only when used in combination with the CURL.SetOptionSSLVerifyPeer option. Otherwise, the result of the check is not considered as failure.

A specific error code (CURLE_SSL_ISSUER_ERROR) is defined with the option, which is returned if the setup of the SSL/TLS session has failed due to a mismatch with the issuer of peer certificate (CURL.SetOptionSSLVerifyPeer has to be set too for the check to fail).

Starting with version 8.0 the plugin will always use UTF-8 encoding for file path on Linux and macOS. For macOS we also do the unicode character normalization for file names for you.

See CURL.SetOptionIssuerCertBlob to pass certificate as container or text.

See also ISSUERCERT option in CURL manual.

See also

Release notes

Blog Entries

Created 18th August 2014, last changed 25th June 2020


CURL.SetOptionInterface - CURL.SetOptionIssuerCertBlob