Go to main content

man pages section 3: Library Interfaces and Headers

Exit Print View

Updated: Wednesday, July 27, 2022
 
 

CURLOPT_SSLVERSION (3)

Name

CURLOPT_SSLVERSION - preferred TLS/SSL version

Synopsis

#include <curl/curl.h>

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSLVERSION, long version);

Description

CURLOPT_SSLVERSION(3)      curl_easy_setopt options      CURLOPT_SSLVERSION(3)



NAME
       CURLOPT_SSLVERSION - preferred TLS/SSL version

SYNOPSIS
       #include <curl/curl.h>

       CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSLVERSION, long version);

DESCRIPTION
       Pass a long as parameter to control which version range of SSL/TLS ver-
       sions to use.

       The SSL and TLS versions have typically developed from the  most  inse-
       cure  version to be more and more secure in this order through history:
       SSL v2, SSLv3, TLS v1.0, TLS v1.1, TLS v1.2 and  the  most  recent  TLS
       v1.3.

       Use  one  of  the  available  defines  for  this purpose. The available
       options are:

              CURL_SSLVERSION_DEFAULT
                     The default acceptable version range. The minimum accept-
                     able  version is by default TLS v1.0 since 7.39.0 (unless
                     the TLS library has a stricter rule).

              CURL_SSLVERSION_TLSv1
                     TLS v1.0 or later

              CURL_SSLVERSION_SSLv2
                     SSL v2 - refused

              CURL_SSLVERSION_SSLv3
                     SSL v3 - refused

              CURL_SSLVERSION_TLSv1_0
                     TLS v1.0 or later (Added in 7.34.0)

              CURL_SSLVERSION_TLSv1_1
                     TLS v1.1 or later (Added in 7.34.0)

              CURL_SSLVERSION_TLSv1_2
                     TLS v1.2 or later (Added in 7.34.0)

              CURL_SSLVERSION_TLSv1_3
                     TLS v1.3 or later (Added in 7.52.0)

       The maximum TLS version can be set by using  one  of  the  CURL_SSLVER-
       SION_MAX_  macros  below.  It  is  also  possible  to  OR  one  of  the
       CURL_SSLVERSION_ macros with one of  the  CURL_SSLVERSION_MAX_  macros.
       The MAX macros are not supported for WolfSSL.

              CURL_SSLVERSION_MAX_DEFAULT
                     The  flag  defines  the  maximum supported TLS version by
                     libcurl, or the default value from  the  SSL  library  is
                     used.  libcurl will use a sensible default maximum, which
                     was TLS v1.2 up to before 7.61.0 and is  TLS  v1.3  since
                     then  -  assuming  the  TLS library support it. (Added in
                     7.54.0)

              CURL_SSLVERSION_MAX_TLSv1_0
                     The flag defines maximum supported  TLS  version  as  TLS
                     v1.0.  (Added in 7.54.0)

              CURL_SSLVERSION_MAX_TLSv1_1
                     The  flag  defines  maximum  supported TLS version as TLS
                     v1.1.  (Added in 7.54.0)

              CURL_SSLVERSION_MAX_TLSv1_2
                     The flag defines maximum supported  TLS  version  as  TLS
                     v1.2.  (Added in 7.54.0)

              CURL_SSLVERSION_MAX_TLSv1_3
                     The  flag  defines  maximum  supported TLS version as TLS
                     v1.3.  (Added in 7.54.0)

       In versions of curl prior to 7.54 the CURL_SSLVERSION_TLS options  were
       documented  to  allow  only the specified TLS version, but behavior was
       inconsistent depending on the TLS library.


DEFAULT
       CURL_SSLVERSION_DEFAULT

PROTOCOLS
       All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.

EXAMPLE
       CURL *curl = curl_easy_init();
       if(curl) {
         curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");

         /* ask libcurl to use TLS version 1.0 or later */
         curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);

         /* Perform the request */
         curl_easy_perform(curl);
       }

AVAILABILITY
       SSLv2 and SSLv3 are refused completely since curl 7.77.0

       SSLv2 is disabled by default since 7.18.1. Other  SSL  versions  avail-
       ability  may  vary depending on which backend libcurl has been built to
       use.

       SSLv3 is disabled by default since 7.39.0.

RETURN VALUE
       Returns CURLE_OK if the option is supported,  and  CURLE_UNKNOWN_OPTION
       if not.


ATTRIBUTES
       See attributes(7) for descriptions of the following attributes:


       +---------------+------------------+
       |ATTRIBUTE TYPE | ATTRIBUTE VALUE  |
       +---------------+------------------+
       |Availability   | web/curl         |
       +---------------+------------------+
       |Stability      | Uncommitted      |
       +---------------+------------------+

SEE ALSO
       CURLOPT_USE_SSL(3),    CURLOPT_HTTP_VERSION(3),   CURLOPT_PROXY_SSLVER-
       SION(3), CURLOPT_IPRESOLVE(3)



NOTES
       Source code for open source software components in Oracle  Solaris  can
       be found at https://www.oracle.com/downloads/opensource/solaris-source-
       code-downloads.html.

       This    software    was    built    from    source     available     at
       https://github.com/oracle/solaris-userland.    The  original  community
       source      was      downloaded       from        https://curl.se/down-
       load/curl-7.83.1.tar.bz2.

       Further information about this software can be found on the open source
       community website at http://curl.haxx.se/.



libcurl 7.83.1                 November 26, 2021         CURLOPT_SSLVERSION(3)
Copyright © 1993, 2022, Oracle and/or its affiliates.  
Previous
Next