aboutsummaryrefslogtreecommitdiff
path: root/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.3
AgeCommit message (Collapse)Author
2014-10-30CURLOPT_PINNEDPUBLICKEY.3: added detailsDaniel Stenberg
2014-10-07SSL: implement public key pinningmoparisthebest
Option --pinnedpubkey takes a path to a public key in DER format and only connect if it matches (currently only implemented with OpenSSL). Provides CURLOPT_PINNEDPUBLICKEY for curl_easy_setopt(). Extract a public RSA key from a website like so: openssl s_client -connect google.com:443 2>&1 < /dev/null | \ sed -n '/-----BEGIN/,/-----END/p' | openssl x509 -noout -pubkey \ | openssl rsa -pubin -outform DER > google.com.der