diff options
author | Anderson Toshiyuki Sasaki <ansasaki@redhat.com> | 2018-02-19 14:31:06 +0100 |
---|---|---|
committer | Daniel Stenberg <daniel@haxx.se> | 2018-08-08 09:46:01 +0200 |
commit | 298d2565e2a2f06a859b7f5a1cc24ba7c87a8ce2 (patch) | |
tree | d6c7b12308a7d3617d6843297168c2e6a42d7578 /docs/cmdline-opts/key.d | |
parent | c892795ea3601a6d210a325b2ac566b1c30d3334 (diff) |
ssl: set engine implicitly when a PKCS#11 URI is provided
This allows the use of PKCS#11 URI for certificates and keys without
setting the corresponding type as "ENG" and the engine as "pkcs11"
explicitly. If a PKCS#11 URI is provided for certificate, key,
proxy_certificate or proxy_key, the corresponding type is set as "ENG"
if not provided and the engine is set to "pkcs11" if not provided.
Acked-by: Nikos Mavrogiannopoulos
Closes #2333
Diffstat (limited to 'docs/cmdline-opts/key.d')
-rw-r--r-- | docs/cmdline-opts/key.d | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/docs/cmdline-opts/key.d b/docs/cmdline-opts/key.d index fbf583af0..4877b4238 100644 --- a/docs/cmdline-opts/key.d +++ b/docs/cmdline-opts/key.d @@ -7,4 +7,11 @@ Private key file name. Allows you to provide your private key in this separate file. For SSH, if not specified, curl tries the following candidates in order: '~/.ssh/id_rsa', '~/.ssh/id_dsa', './id_rsa', './id_dsa'. +If curl is built against OpenSSL library, and the engine pkcs11 is available, +then a PKCS#11 URI (RFC 7512) can be used to specify a private key located in a +PKCS#11 device. A string beginning with "pkcs11:" will be interpreted as a +PKCS#11 URI. If a PKCS#11 URI is provided, then the --engine option will be set +as "pkcs11" if none was provided and the --key-type option will be set as +"ENG" if none was provided. + If this option is used several times, the last one will be used. |