Home
last modified time | relevance | path

Searched refs:certificate (Results 1 – 25 of 105) sorted by relevance

12345

/curl/docs/cmdline-opts/
H A Dcert.md6 Arg: <certificate[:password]>
7 Help: Client certificate file and password
22 Use the specified client certificate file when getting a file with HTTPS, FTPS
23 or another SSL-based protocol. The certificate must be in PKCS#12 format if
26 that this option assumes a certificate file that is the private key and the
27 client certificate concatenated. See --cert and --key to specify them
30 In the \<certificate\> portion of the argument, you must escape the character
43 a certificate located in a PKCS#11 device. A string beginning with `pkcs11:`
47 certificate string can either be the name of a certificate/private key in the
48 system or user keychain, or the path to a PKCS#12-encoded certificate and
[all …]
H A Dssl-auto-client-cert.md5 Help: Use auto client certificate (Schannel)
18 (Schannel) Automatically locate and use a client certificate for
20 certificate that supports client authentication in the OS certificate store it
H A Dproxy-insecure.md25 proxy's TLS certificate before it continues: that the certificate contains the
26 right name which matches the hostname and that the certificate has been signed
27 by a CA certificate present in the cert store. See this online resource for
H A Dproxy-cert.md6 Help: Set client certificate for proxy
20 Use the specified client certificate file when communicating with an HTTPS
21 proxy. The certificate must be in PKCS#12 format if using Secure Transport, or
H A Dinsecure.md26 server's TLS certificate before it continues: that the certificate contains
28 certificate has been signed by a CA certificate present in the cert store. See
H A Dftp-alternative-to-user.md22 client certificate, using "SITE AUTH" tells the server to retrieve the
23 username from the certificate.
H A Dcacert.md6 Help: CA certificate to verify peer against
21 Use the specified certificate file to verify the peer. The file may contain
22 multiple CA certificates. The certificate(s) must be in PEM format. Normally
41 method of verifying the peer's certificate chain.
/curl/docs/libcurl/opts/
H A DCURLOPT_PROXY_SSL_VERIFYPEER.md20 CURLOPT_PROXY_SSL_VERIFYPEER - verify the proxy's SSL certificate
36 certificate. A value of 1 means curl verifies; 0 (zero) means it does not.
41 When negotiating a TLS or SSL connection, the server sends a certificate
42 indicating its identity. Curl verifies whether the certificate is authentic,
43 i.e. that you can trust that the server is who the certificate says it is.
51 fails to prove that the certificate is authentic, the connection fails. When
52 the option is zero, the peer certificate verification succeeds regardless.
54 Authenticating the certificate is not enough to be sure about the server. You
57 hostname in the certificate is valid for the hostname you are connecting to is
60 WARNING: disabling verification of the certificate allows bad guys to
[all …]
H A DCURLOPT_SSL_VERIFYPEER.md23 CURLOPT_SSL_VERIFYPEER - verify the peer's SSL certificate
38 certificate. A value of 1 means curl verifies; 0 (zero) means it does not.
40 When negotiating a TLS or SSL connection, the server sends a certificate
41 indicating its identity. Curl verifies whether the certificate is authentic,
42 i.e. that you can trust that the server is who the certificate says it is.
50 prove that the certificate is signed by a CA, the connection fails.
53 and the peer certificate verification is simply skipped.
55 Authenticating the certificate is not enough to be sure about the server. You
58 name in the certificate is valid for the hostname you are connecting to is
61 WARNING: disabling verification of the certificate allows bad guys to
[all …]
H A DCURLOPT_DOH_SSL_VERIFYPEER.md24 CURLOPT_DOH_SSL_VERIFYPEER - verify the DoH SSL certificate
40 server's certificate. A value of 1 means curl verifies; 0 (zero) means it
46 When negotiating a TLS or SSL connection, the server sends a certificate
47 indicating its identity. Curl verifies whether the certificate is authentic,
48 i.e. that you can trust that the server is who the certificate says it is.
56 prove that the certificate is authentic, the connection fails. When the option
57 is zero, the peer certificate verification succeeds regardless.
59 Authenticating the certificate is not enough to be sure about the server. You
62 hostname in the certificate is valid for the hostname you are connecting to
65 WARNING: disabling verification of the certificate allows bad guys to
[all …]
H A DCURLOPT_SSL_VERIFYHOST.md20 CURLOPT_SSL_VERIFYHOST - verify the certificate's name against host
33 certificate.
35 When negotiating a TLS connection, the server sends a certificate indicating
38 When CURLOPT_SSL_VERIFYHOST(3) is set to 1 or 2, the server certificate must
41 certificate as is used in the URL you operate against.
44 Subject Alternate Name field in the certificate matches the hostname in the
48 in the certificate. Use that ability with caution,
52 the certificate is signed by a trusted Certificate Authority.
54 WARNING: disabling verification of the certificate allows bad guys to
67 A certificate can have the name as a wildcard. The only asterisk (`*`) must
[all …]
H A DCURLOPT_SSLCERT.md25 CURLOPT_SSLCERT - SSL client certificate
38 the filename of your client certificate. The default format is `P12` on Secure
42 With Secure Transport, this can also be the nickname of the certificate you
48 certificate store. (You can import *PFX* to a store first). You can use
49 "\<store location\>\\\<store name\>\\\<thumbprint\>" to refer to a certificate
52 string which you can see in certificate details. Following store locations are
55 **LocalMachineEnterprise**. Schannel also support P12 certificate file, with
58 When using a client certificate, you most likely also need to provide a
H A DCURLOPT_CA_CACHE_TIMEOUT.md25 CURLOPT_CA_CACHE_TIMEOUT - life-time for cached certificate stores
38 time any cached CA certificate store it has in memory may be kept and reused
40 requiring a CA certificate has to reload it.
42 Building a CA certificate store from a CURLOPT_CAINFO(3) file is a slow
43 operation so curl may cache the generated certificate store internally to
66 /* only reuse certificate stores for a short time */
H A DCURLOPT_PROXY_SSL_OPTIONS.md49 Tells libcurl to disable certificate revocation checks for those SSL backends
57 Tells libcurl to not accept "partial" certificate chains, which it otherwise
59 certificate verification if the chain ends with an intermediate certificate
64 Tells libcurl to ignore certificate revocation checks in case of missing or
72 Tell libcurl to use the operating system's native CA store for certificate
73 verification. If you set this option and also set a CA certificate file or
83 Tell libcurl to automatically locate and use a client certificate for
87 certificate that supports client authentication in the OS certificate store it
H A DCURLOPT_DOH_SSL_VERIFYHOST.md22 CURLOPT_DOH_SSL_VERIFYHOST - verify the hostname in the DoH SSL certificate
36 server's certificate name fields against the hostname.
41 When CURLOPT_DOH_SSL_VERIFYHOST(3) is 2, the SSL certificate provided by
46 Subject Alternate Name field in the certificate matches the hostname in the
54 the names used in the certificate. Use that ability with caution.
57 of the DoH server certificate.
H A DCURLOPT_ISSUERCERT.md21 CURLOPT_ISSUERCERT - issuer SSL certificate filename
34 certificate in PEM format. If the option is set, an additional check against
35 the peer certificate is performed to verify the issuer is indeed the one
36 associated with the certificate provided by the option. This additional check
38 certificate is from a specific branch of the tree.
46 mismatch with the issuer of peer certificate (CURLOPT_SSL_VERIFYPEER(3)
H A DCURLOPT_PROXY_ISSUERCERT.md23 CURLOPT_PROXY_ISSUERCERT - proxy issuer SSL certificate filename
36 certificate in PEM format. If the option is set, an additional check against
37 the peer certificate is performed to verify the issuer of the HTTPS proxy is
38 indeed the one associated with the certificate provided by the option. This
40 the peer certificate is from a specific branch of the tree.
48 mismatch with the issuer of peer certificate (CURLOPT_PROXY_SSL_VERIFYPEER(3)
H A DCURLOPT_PROXY_SSL_VERIFYHOST.md21 CURLOPT_PROXY_SSL_VERIFYHOST - verify the proxy certificate's name against host
35 certificate name fields against the proxy name.
40 When CURLOPT_PROXY_SSL_VERIFYHOST(3) is 2, the proxy certificate must
45 Subject Alternate Name field in the certificate matches the hostname in the
59 names used in the certificate. Use that ability with caution.
62 of the proxy certificate.
H A DCURLOPT_SSL_OPTIONS.md47 Tells libcurl to disable certificate revocation checks for those SSL backends
55 Tells libcurl to not accept "partial" certificate chains, which it otherwise
57 certificate verification if the chain ends with an intermediate certificate
62 Tells libcurl to ignore certificate revocation checks in case of missing or
70 Tell libcurl to use the operating system's native CA store for certificate
71 verification. If you set this option and also set a CA certificate file or
81 Tell libcurl to automatically locate and use a client certificate for
85 certificate that supports client authentication in the OS certificate store it
H A DCURLOPT_ISSUERCERT_BLOB.md21 CURLOPT_ISSUERCERT_BLOB - issuer SSL certificate from memory blob
35 and size) about a memory block with binary data of a CA certificate in PEM
36 format. If the option is set, an additional check against the peer certificate
38 certificate provided by the option. This additional check is useful in
39 multi-level PKI where one needs to enforce that the peer certificate is from a
48 mismatch with the issuer of peer certificate (CURLOPT_SSL_VERIFYPEER(3)
H A DCURLOPT_PROXY_ISSUERCERT_BLOB.md22 CURLOPT_PROXY_ISSUERCERT_BLOB - proxy issuer SSL certificate from memory blob
36 size) about a memory block with binary data of a CA certificate in PEM
37 format. If the option is set, an additional check against the peer certificate
39 associated with the certificate provided by the option. This additional check
41 certificate is from a specific branch of the tree.
49 mismatch with the issuer of peer certificate
H A DCURLINFO_CERTINFO.md23 CURLINFO_CERTINFO - get the TLS certificate chain
37 struct that holds info about the server's certificate chain, assuming you had
47 The *certinfo* struct member is an array of linked lists of certificate
49 which is the number of elements in the array. Each certificate's list has
52 the SSL backend and the certificate.
H A DCURLOPT_PINNEDPUBLICKEY.md44 When negotiating a TLS or SSL connection, the server sends a certificate
45 indicating its identity. A public key is extracted from this certificate and
88 server's certificate.
90 # retrieve the server's certificate if you do not already have it
92 # be sure to examine the certificate to see if it is what you expected
97 # - If you do not have sed, then just copy the certificate into a file:
103 # extract public key in pem format from certificate
H A DCURLOPT_PROXY_PINNEDPUBLICKEY.md43 When negotiating a TLS or SSL connection, the https proxy sends a certificate
44 indicating its identity. A public key is extracted from this certificate and
85 from the https proxy server's certificate.
87 # retrieve the server's certificate if you do not already have it
89 # be sure to examine the certificate to see if it is what you expected
94 # - If you do not have sed, then just copy the certificate into a file:
100 # extract public key in pem format from certificate
H A DCURLOPT_PROXY_SSLCERT.md25 CURLOPT_PROXY_SSLCERT - HTTPS proxy client certificate
40 the filename of your client certificate used to connect to the HTTPS proxy.
44 With Secure Transport, this can also be the nickname of the certificate you
49 When using a client certificate, you most likely also need to provide a

Completed in 82 milliseconds

12345