Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
CURLOPT_SSLCERT(3)	   curl_easy_setopt options	    CURLOPT_SSLCERT(3)

NAME
       CURLOPT_SSLCERT - set SSL client	certificate

SYNOPSIS
       #include	<curl/curl.h>

       CURLcode	curl_easy_setopt(CURL *handle, CURLOPT_SSLCERT,	char *cert);

DESCRIPTION
       Pass  a	pointer	 to  a null-terminated string as parameter. The	string
       should be the file name of your client certificate. The default	format
       is  "P12"  on  Secure  Transport	and "PEM" on other engines, and	can be
       changed with CURLOPT_SSLCERTTYPE(3).

       With NSS	or Secure Transport, this can also be the nickname of the cer-
       tificate	 you  wish to authenticate with	as it is named in the security
       database. If you	want to	use a file from	the current directory,	please
       precede	it  with "./" prefix, in order to avoid	confusion with a nick-
       name.

       (Schannel only) Client certificates can be specified by a path  expres-
       sion to a certificate store. (You can import PFX	to a store first). You
       can use "<store location>\<store	name>\<thumbprint>" to refer to	a cer-
       tificate	 in  the  system  certificates	store,	for  example, "Curren-
       tUser\MY\934a7ac6f8a5d579285a74fa61e19f23ddfe8d7a". Thumbprint is  usu-
       ally  a SHA-1 hex string	which you can see in certificate details. Fol-
       lowing store locations are supported: CurrentUser,  LocalMachine,  Cur-
       rentService, Services, CurrentUserGroupPolicy, LocalMachineGroupPolicy,
       LocalMachineEnterprise.	Schannel also support  P12  certificate	 file,
       with the	string "P12" specified with CURLOPT_SSLCERTTYPE(3).

       When using a client certificate,	you most likely	also need to provide a
       private key with	CURLOPT_SSLKEY(3).

       The application does not	have to	keep the string	around	after  setting
       this option.

DEFAULT
       NULL

PROTOCOLS
       All TLS based protocols:	HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.

EXAMPLE
       CURL *curl = curl_easy_init();
       if(curl)	{
	 curl_easy_setopt(curl,	CURLOPT_URL, "https://example.com/");
	 curl_easy_setopt(curl,	CURLOPT_SSLCERT, "client.pem");
	 curl_easy_setopt(curl,	CURLOPT_SSLKEY,	"key.pem");
	 curl_easy_setopt(curl,	CURLOPT_KEYPASSWD, "s3cret");
	 ret = curl_easy_perform(curl);
	 curl_easy_cleanup(curl);
       }

AVAILABILITY
       If built	TLS enabled.

RETURN VALUE
       Returns	CURLE_OK  if  TLS  enabled,  CURLE_UNKNOWN_OPTION  if  not, or
       CURLE_OUT_OF_MEMORY if there was	insufficient heap space.

SEE ALSO
       CURLOPT_SSLCERTTYPE(3), CURLOPT_SSLKEY(3),

libcurl	7.72.0			 June 25, 2020		    CURLOPT_SSLCERT(3)

NAME | SYNOPSIS | DESCRIPTION | DEFAULT | PROTOCOLS | EXAMPLE | AVAILABILITY | RETURN VALUE | SEE ALSO

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=CURLOPT_SSLCERT&sektion=3&manpath=FreeBSD+12.1-RELEASE+and+Ports>

home | help