diff options
author | moparisthebest <admin@moparisthebest.com> | 2014-11-24 19:30:09 +0100 |
---|---|---|
committer | Patrick Monnerat <pm@datasphere.ch> | 2014-11-24 19:30:09 +0100 |
commit | be1a5051890b7ad9339b0208424b94aa32c64776 (patch) | |
tree | d98e121223d1959808a8446e9000ecacaf70a1c8 /docs/curl.1 | |
parent | 2008c92513cee98ded80ed9ffaf984edc0c97c33 (diff) |
SSL: Add PEM format support for public key pinning
Diffstat (limited to 'docs/curl.1')
-rw-r--r-- | docs/curl.1 | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/docs/curl.1 b/docs/curl.1 index 5f88cffb8..7d914645d 100644 --- a/docs/curl.1 +++ b/docs/curl.1 @@ -539,14 +539,14 @@ If this option is set, the default capath value will be ignored, and if it is used several times, the last one will be used. .IP "--pinnedpubkey <pinned public key>" (SSL) Tells curl to use the specified public key file to verify the peer. The -file must contain a single public key in DER format. +file must contain a single public key in PEM or DER format. When negotiating a TLS or SSL connection, the server sends a certificate indicating its identity. A public key is extracted from this certificate and if it does not exactly match the public key provided to this option, curl will abort the connection before sending or receiving any data. -This is currently only implemented in the OpenSSL and GnuTLS backends. +This is currently only implemented in the OpenSSL, GnuTLS and GSKit backends. If this option is used several times, the last one will be used. (Added in 7.39.0) |