/usr/lib/swipl/library/ssl.pl
AllApplicationManualNameSummaryHelp

 system_root_certificates(-List) is det
List is a list of trusted root certificates as provided by the OS. This is the list used by ssl_context/3 when using the option system(root_certificates). The list is obtained using an OS specific process. The current implementation is as follows:
  • On Windows, CertOpenSystemStore() is used to import the "ROOT" certificates from the OS.
  • On MacOSX, the trusted keys are loaded from the SystemRootCertificates key chain. The Apple API for this requires the SSL interface to be compiled with an XCode compiler, i.e., not with native gcc.
  • Otherwise, certificates are loaded from a file defined by the Prolog flag system_cacert_filename. The initial value of this flag is operating system dependent. For security reasons, the flag can only be set prior to using the SSL library. For example: 
    :- use_module(library(ssl)).
:- set_prolog_flag(system_cacert_filename,
                   '/home/jan/ssl/ca-bundle.crt').