CURLOPT_PROXY_SSL_VERIFYHOST - verify the proxy certificate's name against host
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSL_VERIFYHOST, long
Pass a long set to 2L as asking curl to verify
in the HTTPS proxy's
certificate name fields against the proxy name.
This option determines whether libcurl verifies that the proxy cert contains the
correct name for the name it is known as.
is 2, the proxy certificate must
indicate that the server is the proxy to which you meant to connect to, or the
Curl considers the proxy the intended one when the Common Name field or a
Subject Alternate Name field in the certificate matches the host name in the
proxy string which you told curl to use.
When the verify
value is 1L, curl_easy_setopt
will return an error
and the option value will not be changed due to old legacy reasons.
When the verify
value is 0L, the connection succeeds regardless of the
names used in the certificate. Use that ability with caution!
See also CURLOPT_PROXY_SSL_VERIFYPEER(3)
to verify the digital signature
of the proxy certificate. If libcurl is built against NSS and
is also set to zero and cannot be
All protocols when used over an HTTPS proxy.
CURL *curl = curl_easy_init();
curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");
/* Set the default value: strict name check please */
curl_easy_setopt(curl, CURLOPT_PROXY_SSL_VERIFYHOST, 2L);
Added in 7.52.0.
If built TLS enabled.
Returns CURLE_OK if TLS is supported, and CURLE_UNKNOWN_OPTION if not.
If 1 is set as argument, CURLE_BAD_FUNCTION_ARGUMENT