Go to main content

man pages section 3: Library Interfaces and Headers

Exit Print View

Updated: Thursday, June 13, 2019
 
 

CURLOPT_SSLVERSION (3)

Name

CURLOPT_SSLVERSION - set preferred TLS/SSL version

Synopsis

#include <curl/curl.h>

CURLcode  curl_easy_setopt(CURL  *handle, CURLOPT_SSLVERSION, long ver-
sion);

Description

CURLOPT_SSLVERSION(3)      curl_easy_setopt options      CURLOPT_SSLVERSION(3)



NAME
       CURLOPT_SSLVERSION - set preferred TLS/SSL version

SYNOPSIS
       #include <curl/curl.h>

       CURLcode  curl_easy_setopt(CURL  *handle, CURLOPT_SSLVERSION, long ver-
       sion);

DESCRIPTION
       Pass a long as parameter to control which version range of SSL/TLS ver-
       sions to use.

       The  SSL  and TLS versions have typically developed from the most inse-
       cure version to be more and more secure in this order through  history:
       SSL  v2,  SSLv3,  TLS  v1.0, TLS v1.1, TLS v1.2 and the most recent TLS
       v1.3.

       Use one of the  available  defines  for  this  purpose.  The  available
       options are:

              CURL_SSLVERSION_DEFAULT
                     The default acceptable version range. The minimum accept-
                     able version is by default TLS v1.0 since 7.39.0  (unless
                     the TLS library has a stricter rule).

              CURL_SSLVERSION_TLSv1
                     TLS v1.0 or later

              CURL_SSLVERSION_SSLv2
                     SSL v2 (but not SSLv3)

              CURL_SSLVERSION_SSLv3
                     SSL v3 (but not SSLv2)

              CURL_SSLVERSION_TLSv1_0
                     TLS v1.0 or later (Added in 7.34.0)

              CURL_SSLVERSION_TLSv1_1
                     TLS v1.1 or later (Added in 7.34.0)

              CURL_SSLVERSION_TLSv1_2
                     TLS v1.2 or later (Added in 7.34.0)

              CURL_SSLVERSION_TLSv1_3
                     TLS v1.3 or later (Added in 7.52.0)

       The  maximum  TLS  version  can be set by using one of the CURL_SSLVER-
       SION_MAX_  macros  below.  It  is  also  possible  to  OR  one  of  the
       CURL_SSLVERSION_  macros  with  one of the CURL_SSLVERSION_MAX_ macros.
       The MAX macros are not supported for WolfSSL.

              CURL_SSLVERSION_MAX_DEFAULT
                     The flag defines the maximum  supported  TLS  version  by
                     libcurl,  or  the  default  value from the SSL library is
                     used. libcurl will use a sensible default maximum,  which
                     was  TLS  v1.2  up to before 7.61.0 and is TLS v1.3 since
                     then - assuming the TLS library  support  it.  (Added  in
                     7.54.0)

              CURL_SSLVERSION_MAX_TLSv1_0
                     The  flag  defines  maximum  supported TLS version as TLS
                     v1.0.  (Added in 7.54.0)

              CURL_SSLVERSION_MAX_TLSv1_1
                     The flag defines maximum supported  TLS  version  as  TLS
                     v1.1.  (Added in 7.54.0)

              CURL_SSLVERSION_MAX_TLSv1_2
                     The  flag  defines  maximum  supported TLS version as TLS
                     v1.2.  (Added in 7.54.0)

              CURL_SSLVERSION_MAX_TLSv1_3
                     The flag defines maximum supported  TLS  version  as  TLS
                     v1.3.  (Added in 7.54.0)

DEFAULT
       CURL_SSLVERSION_DEFAULT

PROTOCOLS
       All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.

EXAMPLE
       CURL *curl = curl_easy_init();
       if(curl) {
         curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");

         /* ask libcurl to use TLS version 1.0 or later */
         curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1);

         /* Perform the request */
         curl_easy_perform(curl);
       }

AVAILABILITY
       SSLv2  is  disabled  by default since 7.18.1. Other SSL versions avail-
       ability may vary depending on which backend libcurl has been  built  to
       use.

       SSLv3 is disabled by default since 7.39.0.

RETURN VALUE
       Returns  CURLE_OK  if the option is supported, and CURLE_UNKNOWN_OPTION
       if not.


ATTRIBUTES
       See attributes(7) for descriptions of the following attributes:


       +---------------+------------------+
       |ATTRIBUTE TYPE | ATTRIBUTE VALUE  |
       +---------------+------------------+
       |Availability   | web/curl         |
       +---------------+------------------+
       |Stability      | Uncommitted      |
       +---------------+------------------+
SEE ALSO
       CURLOPT_USE_SSL(3),   CURLOPT_HTTP_VERSION(3),    CURLOPT_PROXY_SSLVER-
       SION(3), CURLOPT_IPRESOLVE(3)



NOTES
       This     software     was    built    from    source    available    at
       https://github.com/oracle/solaris-userland.   The  original   community
       source    was    downloaded    from    https://github.com/curl/curl/ar-
       chive/curl-7_64_0.zip

       Further information about this software can be found on the open source
       community website at http://curl.haxx.se/.



libcurl 7.37.0                    17 Jun 2014            CURLOPT_SSLVERSION(3)