From bd0c3b3c66da5c087479a81234002151333d808f Mon Sep 17 00:00:00 2001 From: Alessandro Ghedini Date: Mon, 16 Jun 2014 20:47:26 +0200 Subject: curl: add --cert-status option This enables the CURLOPT_SSL_VERIFYSTATUS functionality. --- docs/curl.1 | 10 ++++++++++ 1 file changed, 10 insertions(+) (limited to 'docs') diff --git a/docs/curl.1 b/docs/curl.1 index 0b9971cd2..40cfbedff 100644 --- a/docs/curl.1 +++ b/docs/curl.1 @@ -552,6 +552,16 @@ This is currently only implemented in the OpenSSL, GnuTLS and GSKit backends. If this option is used several times, the last one will be used. (Added in 7.39.0) +.IP "--cert-status" +(SSL) Tells curl to verify the status of the server certificate by using the +Certificate Status Request (aka. OCSP stapling) TLS extension. + +If this option is enabled and the server sends an invalid (e.g. expired) +response, if the response suggests that the server certificate has been revoked, +or no response at all is received, the verification fails. + +This is currently only implemented in the GnuTLS and NSS backends. +(Added in 7.41.0) .IP "-f, --fail" (HTTP) Fail silently (no output at all) on server errors. This is mostly done to better enable scripts etc to better deal with failed attempts. In normal -- cgit v1.2.3