darwinssl: add TLS crypto authentication

Users using the Secure Transport (darwinssl) back-end can now use a certificate and private key to authenticate with a site using TLS. Because Apple's security system is based around the keychain and does not have any non-public function to create a SecIdentityRef data structure from data loaded outside of the Keychain, the certificate and private key have to be loaded into the Keychain first (using the certtool command line tool or the Security framework's C API) before we can find it and use it.
author: Nick Zitzmann <nickzman@gmail.com> 2013-04-27 23:15:07 -0600
committer: Nick Zitzmann <nickzman@gmail.com> 2013-04-27 23:15:07 -0600
commit: a5c0e209392f39ccbbac6568a9635583a64d31eb (patch)
tree: b837914bf246a75a6f187122358f1fd81c91e11f /docs/curl.1
parent: 128517649c73cc767a1bbe4e3f5d256797c7a80b (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/docs/curl.1 b/docs/curl.1
index 1aeeb4650..c4cce98d6 100644
--- a/docs/curl.1
+++ b/docs/curl.1
@@ -390,6 +390,8 @@ NSS PEM PKCS#11 module (libnsspem.so) is available then PEM files may be
 loaded. If you want to use a file from the current directory, please precede
 it with "./" prefix, in order to avoid confusion with a nickname.
 
+(iOS and Mac OS X only) If curl is built against Secure Transport, then the certificate string must match the name of a certificate that's in the system or user keychain. The private key corresponding to the certificate, and certificate chain (if any),  must also be present in the keychain.
+
 If this option is used several times, the last one will be used.
 .IP "--engine <name>"
 Select the OpenSSL crypto engine to use for cipher
author	Nick Zitzmann <nickzman@gmail.com>	2013-04-27 23:15:07 -0600
committer	Nick Zitzmann <nickzman@gmail.com>	2013-04-27 23:15:07 -0600
commit	a5c0e209392f39ccbbac6568a9635583a64d31eb (patch)
tree	b837914bf246a75a6f187122358f1fd81c91e11f /docs/curl.1
parent	128517649c73cc767a1bbe4e3f5d256797c7a80b (diff)