[...] > SSL_CTX_load_verify_locations why consume 20ms every time? Openssl read > /etc/pki/tls/certs/ca-bundle.crt once time, I don't change this file, why > Openssl not cache this?
As a workaround, you can set CURLOPT_CAINFO to point to a single certificate, (possibly just a dummy certificate) and use a hashed certificate directory (created by e.g. c_rehash) to manager your actual trust store, and point CURLOPT_CAPATH to it. rainer ------------------------------------------------------------------- Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library Etiquette: https://curl.haxx.se/mail/etiquette.html