TclVFS

Help: ssl-ca-location
Login
Bounty program for improvements to Tcl and certain Tcl packages.
Tcl 2018 Conference, Houston/TX, US, Oct 15-19
Send your abstracts to tclconference@googlegroups.com or submit via the online form
by Aug 20.

The "ssl-ca-location" setting:

The full pathname to a file containing PEM encoded
CA root certificates, or a directory of certificates
with filenames formed from the certificate hashes as
required by OpenSSL.

If set, this will override the OS default list of
OpenSSL CAs. If unset, the default list will be used.
Some platforms may add additional certificates.
Checking your platform behaviour is required if the
exact contents of the CA root is critical for your
application.