3 files changed, 70 insertions, 2 deletions
diff --git a/docs/examples/Makefile.inc b/docs/examples/Makefile.inc
index 68b66c3e3..c3ee0228b 100644
--- a/docs/examples/Makefile.inc
+++ b/docs/examples/Makefile.inc
@@ -5,7 +5,7 @@ check_PROGRAMS = 10-at-a-time anyauthput cookie_interface \
   https multi-app multi-debugcallback multi-double \
   multi-post multi-single persistant post-callback \
   postit2 sepheaders simple simplepost simplessl \
-  sendrecv httpcustomheader
+  sendrecv httpcustomheader certinfo
 
 # These examples require external dependencies that may not be commonly
 # available on POSIX systems, so don't bother attempting to compile them here.
@@ -14,4 +14,3 @@ COMPLICATED_EXAMPLES = \
  ghiper.c hiperfifo.c htmltidy.c multithread.c \
  opensslthreadlock.c sampleconv.c synctime.c threaded-ssl.c
 
-
diff --git a/docs/examples/certinfo.c b/docs/examples/certinfo.c
new file mode 100644
index 000000000..b0e9759f4
--- /dev/null
+++ b/docs/examples/certinfo.c
@@ -0,0 +1,62 @@
+/*****************************************************************************
+ */
+
+#include <stdio.h>
+
+#include <curl/curl.h>
+#include <curl/types.h>
+#include <curl/easy.h>
+
+static size_t wrfu(void *ptr,  size_t  size,  size_t  nmemb,  void *stream)
+{
+  return size * nmemb;
+}
+int main(int argc, char **argv)
+{
+  CURL *curl;
+  CURLcode res;
+
+  curl_global_init(CURL_GLOBAL_DEFAULT);
+
+  curl = curl_easy_init();
+  if(curl) {
+    curl_easy_setopt(curl, CURLOPT_URL, "https://www.networking4all.com/");
+
+    curl_easy_setopt(curl, CURLOPT_WRITEFUNCTION, wrfu);
+
+    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
+    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
+
+    curl_easy_setopt(curl, CURLOPT_VERBOSE, 0L);
+    curl_easy_setopt(curl, CURLOPT_CERTINFO, 1L);
+
+    res = curl_easy_perform(curl);
+
+    if(!res) {
+      struct curl_certinfo *ci = NULL;
+
+      res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &ci);
+
+      if(!res && ci) {
+        int i;
+        printf("%d certs!\n", ci->num_of_certs);
+
+        for(i=0; i<ci->num_of_certs; i++) {
+          struct curl_slist *slist;
+
+          for(slist = ci->certinfo[i]; slist; slist = slist->next)
+            printf("%s\n", slist->data);
+
+        }
+      }
+
+    }
+
+
+    curl_easy_cleanup(curl);
+  }
+
+  curl_global_cleanup();
+
+  return 0;
+}
diff --git a/docs/libcurl/curl_easy_setopt.3 b/docs/libcurl/curl_easy_setopt.3
index 6059e38bf..e07776ccf 100644
--- a/docs/libcurl/curl_easy_setopt.3
+++ b/docs/libcurl/curl_easy_setopt.3
@@ -1496,6 +1496,13 @@ A specific error code (CURLE_SSL_CRL_BADFILE) is defined with the option. It
 is returned when the SSL exchange fails because the CRL file cannot be loaded.
 Note that a failure in certificate verification due to a revocation information
 found in the CRL does not trigger this specific error. (Added in 7.19.0)
+.IP CURLOPT_CERTINFO
+Pass a long set to 1 to enable libcurl's certificate chain info gatherer. With
+this enabled, libcurl (if built with OpenSSL) will extract lots of information
+and data about the certificate's in the certificate chain used in the SSL
+connection. This data is then possible to extract after a transfer using
+\fIcurl_easy_getinfo(3)\fP and its option \fICURLINFO_CERTINFO\fP. (Added in
+7.19.0)
 .IP CURLOPT_RANDOM_FILE
 Pass a char * to a zero terminated file name. The file will be used to read
 from to seed the random engine for SSL. The more random the specified file is,