aboutsummaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authormoparisthebest <admin@moparisthebest.com>2014-11-24 19:30:09 +0100
committerPatrick Monnerat <pm@datasphere.ch>2014-11-24 19:30:09 +0100
commitbe1a5051890b7ad9339b0208424b94aa32c64776 (patch)
treed98e121223d1959808a8446e9000ecacaf70a1c8 /docs
parent2008c92513cee98ded80ed9ffaf984edc0c97c33 (diff)
SSL: Add PEM format support for public key pinning
Diffstat (limited to 'docs')
-rw-r--r--docs/curl.14
-rw-r--r--docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.32
2 files changed, 3 insertions, 3 deletions
diff --git a/docs/curl.1 b/docs/curl.1
index 5f88cffb8..7d914645d 100644
--- a/docs/curl.1
+++ b/docs/curl.1
@@ -539,14 +539,14 @@ If this option is set, the default capath value will be ignored, and if it is
used several times, the last one will be used.
.IP "--pinnedpubkey <pinned public key>"
(SSL) Tells curl to use the specified public key file to verify the peer. The
-file must contain a single public key in DER format.
+file must contain a single public key in PEM or DER format.
When negotiating a TLS or SSL connection, the server sends a certificate
indicating its identity. A public key is extracted from this certificate and
if it does not exactly match the public key provided to this option, curl will
abort the connection before sending or receiving any data.
-This is currently only implemented in the OpenSSL and GnuTLS backends.
+This is currently only implemented in the OpenSSL, GnuTLS and GSKit backends.
If this option is used several times, the last one will be used.
(Added in 7.39.0)
diff --git a/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.3 b/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.3
index d7c6932e3..2d8639275 100644
--- a/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.3
+++ b/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.3
@@ -29,7 +29,7 @@ CURLOPT_PINNEDPUBLICKEY \- set pinned public key
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PINNEDPUBLICKEY, char *pinnedpubkey);
.SH DESCRIPTION
Pass a pointer to a zero terminated string as parameter. The string should be
-the file name of your pinned public key. The format expected is "DER".
+the file name of your pinned public key. The format expected is "PEM" or "DER".
When negotiating a TLS or SSL connection, the server sends a certificate
indicating its identity. A public key is extracted from this certificate and