docs: mention env vars not used by schannel

Ref: #12704

Co-authored-by: Jay Satiro <raysatiro@yahoo.com>
Closes #12711

diff --git a/docs/SSLCERTS.md b/docs/SSLCERTS.md
index 4094e2fec64c7a9105a99d6d921193d53ef873d5..d10ce52916a9ac2bccfa82b479fefed85e50fd5e 100644 (file)
--- a/docs/SSLCERTS.md
+++ b/docs/SSLCERTS.md
@@ -103,9 +103,9 @@ server, do one of the following:
        certificate store or use it stand-alone as described. Just remember that
        the security is no better than the way you obtained the certificate.
 
- 4. If you are using the curl command line tool, you can specify your own CA
-    cert file by setting the environment variable `CURL_CA_BUNDLE` to the path
-    of your choice.
+ 4. If you are using the curl command line tool and the TLS backend is not
+    Schannel then you can specify your own CA cert file by setting the
+    environment variable `CURL_CA_BUNDLE` to the path of your choice.
 
     If you are using the curl command line tool on Windows, curl will search
     for a CA cert file named "curl-ca-bundle.crt" in these directories and in

diff --git a/docs/cmdline-opts/cacert.d b/docs/cmdline-opts/cacert.d
index 5e4e74901e55b364ff774abd4f9924f926a310d3..7b63f810bb0b46ae30cfc8c2ceed6c22cb54fca3 100644 (file)
--- a/docs/cmdline-opts/cacert.d
+++ b/docs/cmdline-opts/cacert.d
@@ -15,9 +15,9 @@ may contain multiple CA certificates. The certificate(s) must be in PEM
 format. Normally curl is built to use a default file for this, so this option
 is typically used to alter that default file.
 
-curl recognizes the environment variable named 'CURL_CA_BUNDLE' if it is
-set, and uses the given path as a path to a CA cert bundle. This option
-overrides that variable.
+curl recognizes the environment variable named 'CURL_CA_BUNDLE' if it is set
+and the TLS backend is not Schannel, and uses the given path as a path to a CA
+cert bundle. This option overrides that variable.
 
 The windows version of curl automatically looks for a CA certs file named
 'curl-ca-bundle.crt', either in the same directory as curl.exe, or in the

diff --git a/docs/cmdline-opts/page-footer b/docs/cmdline-opts/page-footer
index af41c94824abbf510b76c79b222e0f90d70fa296..ff56a5cdef8bbf62e27c5e01490e57558da29d02 100644 (file)
--- a/docs/cmdline-opts/page-footer
+++ b/docs/cmdline-opts/page-footer
@@ -49,7 +49,8 @@ If set, the specified number of characters is used as the terminal width when
 the alternative progress-bar is shown. If not set, curl tries to figure it out
 using other ways.
 .IP "CURL_CA_BUNDLE <file>"
-If set, it is used as the --cacert value.
+If set, it is used as the --cacert value. This environment variable is ignored
+if Schannel is used as the TLS backend.
 .IP "CURL_HOME <dir>"
 If set, is the first variable curl checks when trying to find its home
 directory. If not set, it continues to check *XDG_CONFIG_HOME*
@@ -74,9 +75,11 @@ files can become rather large. Works with the ngtcp2 and quiche QUIC backends.
 .IP SHELL
 Used on VMS when trying to detect if using a **DCL** or a **unix** shell.
 .IP "SSL_CERT_DIR <dir>"
-If set, it is used as the --capath value.
+If set, it is used as the --capath value. This environment variable is ignored
+if Schannel is used as the TLS backend.
 .IP "SSL_CERT_FILE <path>"
-If set, it is used as the --cacert value.
+If set, it is used as the --cacert value. This environment variable is ignored
+if Schannel is used as the TLS backend.
 .IP "SSLKEYLOGFILE <file name>"
 If you set this environment variable to a file name, curl stores TLS secrets
 from its connections in that file when invoked to enable you to analyze the