darwinssl: add documentation stating that the --cainfo option is intended for backward compatibility only

In other news, I changed one other reference to "Mac OS X" in the documentation (that I previously wrote) to say "macOS" instead.
author: Nick Zitzmann <nickzman@gmail.com> 2016-08-28 16:46:59 -0500
committer: Nick Zitzmann <nickzman@gmail.com> 2016-08-28 16:46:59 -0500
commit: e171968ba3ae44cae618c75b24cf7fd19a124be2 (patch)
tree: 723cee4a35fb8f90b660c4ab9164ca1d37fe8459 /docs/libcurl/opts/CURLOPT_CAINFO.3
parent: 0d729d9e015cba7a05e16a25b21156abf4ca6409 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/docs/libcurl/opts/CURLOPT_CAINFO.3 b/docs/libcurl/opts/CURLOPT_CAINFO.3
index a05f5c0cf..7db50a8fa 100644
--- a/docs/libcurl/opts/CURLOPT_CAINFO.3
+++ b/docs/libcurl/opts/CURLOPT_CAINFO.3
@@ -40,6 +40,12 @@ is assumed to be stored, as established at build time.
 
 If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module
 (libnsspem.so) needs to be available for this option to work properly.
+
+(iOS and macOS only) If curl is built against Secure Transport, then this
+option is supported for backward compatibility with other SSL engines, but it
+should not be set. If the option is not set, then curl will use the
+certificates in the system and user Keychain to verify the peer, which is the
+preferred method of verifying the peer's certificate chain.
 .SH DEFAULT
 Built-in system specific
 .SH PROTOCOLS
author	Nick Zitzmann <nickzman@gmail.com>	2016-08-28 16:46:59 -0500
committer	Nick Zitzmann <nickzman@gmail.com>	2016-08-28 16:46:59 -0500
commit	e171968ba3ae44cae618c75b24cf7fd19a124be2 (patch)
tree	723cee4a35fb8f90b660c4ab9164ca1d37fe8459 /docs/libcurl/opts/CURLOPT_CAINFO.3
parent	0d729d9e015cba7a05e16a25b21156abf4ca6409 (diff)