aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlessandro Ghedini <al3xbio@gmail.com>2011-12-17 15:04:57 +0100
committerDaniel Stenberg <daniel@haxx.se>2011-12-19 11:10:47 +0100
commitb235d5ade84b012f85319325a24bc9d01ec1ac56 (patch)
tree0ac7c6ebc041ea19f9e13d9f240263c7250023bf
parentee3d3adc6fe1559a5edaa6f7f743b51a19e3f63d (diff)
docs: improve description of the --capath option
Document the possibility of providing multiple values using the ":" separator, and the fact that the default value will be ignored if the option is used.
-rw-r--r--docs/curl.116
1 files changed, 9 insertions, 7 deletions
diff --git a/docs/curl.1 b/docs/curl.1
index 052b1dd09..661532bca 100644
--- a/docs/curl.1
+++ b/docs/curl.1
@@ -434,13 +434,15 @@ may be loaded.
If this option is used several times, the last one will be used.
.IP "--capath <CA certificate directory>"
(SSL) Tells curl to use the specified certificate directory to verify the
-peer. The certificates must be in PEM format, and if curl is built against
-OpenSSL, the directory must have been processed using the c_rehash utility
-supplied with OpenSSL. Using \fI--capath\fP can allow OpenSSL-powered curl to
-make SSL-connections much more efficiently than using \fI--cacert\fP if the
-\fI--cacert\fP file contains many CA certificates.
-
-If this option is used several times, the last one will be used.
+peer. Multiple paths can be provided by separating them with ":" (e.g.
+"path1:path2:path3"). The certificates must be in PEM format, and if curl
+is built against OpenSSL, the directory must have been processed using the
+c_rehash utility supplied with OpenSSL. Using \fI--capath\fP can allow
+OpenSSL-powered curl to make SSL-connections much more efficiently than
+using \fI--cacert\fP if the \fI--cacert\fP file contains many CA certificates.
+
+If this option is set, the default capath value will be ignored, and if it
+is used several times, the last one will be used.
.IP "-f, --fail"
(HTTP) Fail silently (no output at all) on server errors. This is mostly done
to better enable scripts etc to better deal with failed attempts. In