From e171968ba3ae44cae618c75b24cf7fd19a124be2 Mon Sep 17 00:00:00 2001 From: Nick Zitzmann Date: Sun, 28 Aug 2016 16:46:59 -0500 Subject: darwinssl: add documentation stating that the --cainfo option is intended for backward compatibility only In other news, I changed one other reference to "Mac OS X" in the documentation (that I previously wrote) to say "macOS" instead. --- docs/libcurl/opts/CURLOPT_CAINFO.3 | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'docs/libcurl/opts') diff --git a/docs/libcurl/opts/CURLOPT_CAINFO.3 b/docs/libcurl/opts/CURLOPT_CAINFO.3 index a05f5c0cf..7db50a8fa 100644 --- a/docs/libcurl/opts/CURLOPT_CAINFO.3 +++ b/docs/libcurl/opts/CURLOPT_CAINFO.3 @@ -40,6 +40,12 @@ is assumed to be stored, as established at build time. If curl is built against the NSS SSL library, the NSS PEM PKCS#11 module (libnsspem.so) needs to be available for this option to work properly. + +(iOS and macOS only) If curl is built against Secure Transport, then this +option is supported for backward compatibility with other SSL engines, but it +should not be set. If the option is not set, then curl will use the +certificates in the system and user Keychain to verify the peer, which is the +preferred method of verifying the peer's certificate chain. .SH DEFAULT Built-in system specific .SH PROTOCOLS -- cgit v1.2.3