Go to main content

man pages section 3: Library Interfaces and Headers

Exit Print View

Updated: Thursday, June 13, 2019
 
 

CURLOPT_SSLCERT (3)

Name

CURLOPT_SSLCERT - set SSL client certificate

Synopsis

#include <curl/curl.h>

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSLCERT, char *cert);

Description

CURLOPT_SSLCERT(3)         curl_easy_setopt options         CURLOPT_SSLCERT(3)



NAME
       CURLOPT_SSLCERT - set SSL client certificate

SYNOPSIS
       #include <curl/curl.h>

       CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSLCERT, char *cert);

DESCRIPTION
       Pass  a  pointer  to  a zero terminated string as parameter. The string
       should be the file name of your client certificate. The default  format
       is  "P12"  on  Secure  Transport and "PEM" on other engines, and can be
       changed with CURLOPT_SSLCERTTYPE(3).

       With NSS or Secure Transport, this can also be the nickname of the cer-
       tificate  you  wish to authenticate with as it is named in the security
       database. If you want to use a file from the current directory,  please
       precede  it  with "./" prefix, in order to avoid confusion with a nick-
       name.

       (Schannel only) Client certificates must be specified by a path expres-
       sion  to  a  certificate  store. (Loading PFX is not supported; you can
       import it to a store  first).  You  can  use  "<store  location>\<store
       name>\<thumbprint>"  to  refer  to a certificate in the system certifi-
       cates          store,          for          example,           "Curren-
       tUser\MY\934a7ac6f8a5d579285a74fa61e19f23ddfe8d7a".  Thumbprint is usu-
       ally a SHA-1 hex string which you can see in certificate details.  Fol-
       lowing  store  locations are supported: CurrentUser, LocalMachine, Cur-
       rentService, Services, CurrentUserGroupPolicy, LocalMachineGroupPolicy,
       LocalMachineEnterprise.

       When using a client certificate, you most likely also need to provide a
       private key with CURLOPT_SSLKEY(3).

       The application does not have to keep the string around  after  setting
       this option.

DEFAULT
       NULL

PROTOCOLS
       All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.

EXAMPLE
       CURL *curl = curl_easy_init();
       if(curl) {
         curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
         curl_easy_setopt(curl, CURLOPT_SSLCERT, "client.pem");
         curl_easy_setopt(curl, CURLOPT_SSLKEY, "key.pem");
         curl_easy_setopt(curl, CURLOPT_KEYPASSWD, "s3cret");
         ret = curl_easy_perform(curl);
         curl_easy_cleanup(curl);
       }

AVAILABILITY
       If built TLS enabled.

RETURN VALUE
       Returns  CURLE_OK  if  TLS  enabled,  CURLE_UNKNOWN_OPTION  if  not, or
       CURLE_OUT_OF_MEMORY if there was insufficient heap space.


ATTRIBUTES
       See attributes(7) for descriptions of the following attributes:


       +---------------+------------------+
       |ATTRIBUTE TYPE | ATTRIBUTE VALUE  |
       +---------------+------------------+
       |Availability   | web/curl         |
       +---------------+------------------+
       |Stability      | Uncommitted      |
       +---------------+------------------+
SEE ALSO
       CURLOPT_SSLCERTTYPE(3), CURLOPT_SSLKEY(3),



NOTES
       This    software    was    built    from    source     available     at
       https://github.com/oracle/solaris-userland.    The  original  community
       source   was    downloaded    from     https://github.com/curl/curl/ar-
       chive/curl-7_64_0.zip

       Further information about this software can be found on the open source
       community website at http://curl.haxx.se/.



libcurl 7.37.0                    17 Jun 2014               CURLOPT_SSLCERT(3)