From f0819f99ae226c293c0f49ef5e715a44bdad618b Mon Sep 17 00:00:00 2001 From: Archangel_SDY Date: Wed, 18 Apr 2018 21:01:14 +0800 Subject: CURLOPT_SSLCERT.3: improve WinSSL-specific usage info Ref: https://github.com/curl/curl/pull/2376#issuecomment-381858780 Closes https://github.com/curl/curl/pull/2504 --- docs/libcurl/opts/CURLOPT_SSLCERT.3 | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'docs/libcurl/opts') diff --git a/docs/libcurl/opts/CURLOPT_SSLCERT.3 b/docs/libcurl/opts/CURLOPT_SSLCERT.3 index 3f40b73b9..bd867772a 100644 --- a/docs/libcurl/opts/CURLOPT_SSLCERT.3 +++ b/docs/libcurl/opts/CURLOPT_SSLCERT.3 @@ -38,8 +38,16 @@ you wish to authenticate with as it is named in the security database. If you want to use a file from the current directory, please precede it with "./" prefix, in order to avoid confusion with a nickname. -With WinSSL, this can be expression like "CurrentUser\\MY\\" to -refer to a certificate in the system certificates store. +(Schannel/WinSSL only) Client certificates must be specified by a path +expression to a certificate store. (Loading PFX is not supported; you can +import it to a store first). You can use +"\\\\" to refer to a certificate +in the system certificates store, for example, +"CurrentUser\\MY\\934a7ac6f8a5d579285a74fa61e19f23ddfe8d7a". Thumbprint is +usually a SHA-1 hex string which you can see in certificate details. Following +store locations are supported: CurrentUser, LocalMachine, CurrentService, +Services, CurrentUserGroupPolicy, LocalMachineGroupPolicy, +LocalMachineEnterprise. When using a client certificate, you most likely also need to provide a private key with \fICURLOPT_SSLKEY(3)\fP. -- cgit v1.2.3