generic-library/curl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

darwinssl: add support for PKCS#12 files for client authentication

Browse Source 
I also documented the fact that the OpenSSL engine also supports them.
This commit is contained in:
Nick Zitzmann
2013-09-05 18:57:06 -05:00
parent 316ca865e3
commit d2fe616e7e
3 changed files with 123 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
docs/libcurl/curl_easy_setopt.3
View File

@@ -2305,22 +2305,20 @@ timeout is set, the internal default of 60000 will be used. (Added in 7.24.0)
.SH SSL and SECURITY OPTIONS
.IP CURLOPT_SSLCERT
Pass a pointer to a zero terminated string as parameter. The string should be
the file name of your certificate. The default format is "PEM" and can be
changed with \fICURLOPT_SSLCERTTYPE\fP.
the file name of your certificate. The default format is "P12" on Secure
Transport and "PEM" on other engines, and can be changed with
\fICURLOPT_SSLCERTTYPE\fP.
With NSS this can also be the nickname of the certificate you wish to
authenticate with. If you want to use a file from the current directory, please
precede it with "./" prefix, in order to avoid confusion with a nickname.
(iOS and Mac OS X only) With Secure Transport, this string must match the name
of a certificate that's in the system or user keychain. You should encode this
string in UTF-8 format in case it contains non-ASCII characters. The private
key corresponding to the certificate, and certificate chain (if any), must
also be present in the keychain. (Added in 7.31.0)
With NSS or Secure Transport, this can also be the nickname of the certificate
you wish to authenticate with as it is named in the security database. If you
want to use a file from the current directory, please precede it with "./"
prefix, in order to avoid confusion with a nickname.
.IP CURLOPT_SSLCERTTYPE
Pass a pointer to a zero terminated string as parameter. The string should be
the format of your certificate. Supported formats are "PEM" and "DER". (Added
in 7.9.3)
the format of your certificate. Supported formats are "PEM" and "DER", except
with Secure Transport. OpenSSL (versions 0.9.3 and later) and Secure Transport
(on iOS 5 or later, or OS X 10.6 or later) also support "P12" for
PKCS#12-encoded files. (Added in 7.9.3)
.IP CURLOPT_SSLKEY
Pass a pointer to a zero terminated string as parameter. The string should be
the file name of your private key. The default format is "PEM" and can be
@@ -2328,7 +2326,7 @@ changed with \fICURLOPT_SSLKEYTYPE\fP.
(iOS and Mac OS X only) This option is ignored if curl was built against Secure
Transport. Secure Transport expects the private key to be already present in
the keychain containing the certificate.
the keychain or PKCS#12 file containing the certificate.
.IP CURLOPT_SSLKEYTYPE
Pass a pointer to a zero terminated string as parameter. The string should be
the format of your private key. Supported formats are "PEM", "DER" and "ENG".