diff options
| author | Nick Zitzmann <nickzman@gmail.com> | 2013-09-05 18:57:06 -0500 |
|---|---|---|
| committer | Nick Zitzmann <nickzman@gmail.com> | 2013-09-05 18:57:06 -0500 |
| commit | d2fe616e7e44a106ac976aaeaa441ad7d8a6df11 (patch) | |
| tree | 58aa781073e509b882386d827b12c1e882b307d6 /docs/libcurl | |
| parent | 316ca865e34bac3f64214c046ded06a1fcecc7c6 (diff) | |
darwinssl: add support for PKCS#12 files for client authentication
I also documented the fact that the OpenSSL engine also supports them.
Diffstat (limited to 'docs/libcurl')
| -rw-r--r-- | docs/libcurl/curl_easy_setopt.3 | 28 |
1 files changed, 13 insertions, 15 deletions
diff --git a/docs/libcurl/curl_easy_setopt.3 b/docs/libcurl/curl_easy_setopt.3 index 0478fac54..f4084823d 100644 --- a/docs/libcurl/curl_easy_setopt.3 +++ b/docs/libcurl/curl_easy_setopt.3 @@ -2305,22 +2305,20 @@ timeout is set, the internal default of 60000 will be used. (Added in 7.24.0) .SH SSL and SECURITY OPTIONS .IP CURLOPT_SSLCERT Pass a pointer to a zero terminated string as parameter. The string should be -the file name of your certificate. The default format is "PEM" and can be -changed with \fICURLOPT_SSLCERTTYPE\fP. - -With NSS this can also be the nickname of the certificate you wish to -authenticate with. If you want to use a file from the current directory, please -precede it with "./" prefix, in order to avoid confusion with a nickname. - -(iOS and Mac OS X only) With Secure Transport, this string must match the name -of a certificate that's in the system or user keychain. You should encode this -string in UTF-8 format in case it contains non-ASCII characters. The private -key corresponding to the certificate, and certificate chain (if any), must -also be present in the keychain. (Added in 7.31.0) +the file name of your certificate. The default format is "P12" on Secure +Transport and "PEM" on other engines, and can be changed with +\fICURLOPT_SSLCERTTYPE\fP. + +With NSS or Secure Transport, this can also be the nickname of the certificate +you wish to authenticate with as it is named in the security database. If you +want to use a file from the current directory, please precede it with "./" +prefix, in order to avoid confusion with a nickname. .IP CURLOPT_SSLCERTTYPE Pass a pointer to a zero terminated string as parameter. The string should be -the format of your certificate. Supported formats are "PEM" and "DER". (Added -in 7.9.3) +the format of your certificate. Supported formats are "PEM" and "DER", except +with Secure Transport. OpenSSL (versions 0.9.3 and later) and Secure Transport +(on iOS 5 or later, or OS X 10.6 or later) also support "P12" for +PKCS#12-encoded files. (Added in 7.9.3) .IP CURLOPT_SSLKEY Pass a pointer to a zero terminated string as parameter. The string should be the file name of your private key. The default format is "PEM" and can be @@ -2328,7 +2326,7 @@ changed with \fICURLOPT_SSLKEYTYPE\fP. (iOS and Mac OS X only) This option is ignored if curl was built against Secure Transport. Secure Transport expects the private key to be already present in -the keychain containing the certificate. +the keychain or PKCS#12 file containing the certificate. .IP CURLOPT_SSLKEYTYPE Pass a pointer to a zero terminated string as parameter. The string should be the format of your private key. Supported formats are "PEM", "DER" and "ENG". |