1---
2c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
3SPDX-License-Identifier: curl
4Title: CURLOPT_PROXY_SSLKEY_BLOB
5Section: 3
6Source: libcurl
7See-also:
8  - CURLOPT_SSLKEY (3)
9  - CURLOPT_SSLKEYTYPE (3)
10  - CURLOPT_SSLKEY_BLOB (3)
11Protocol:
12  - TLS
13TLS-backend:
14  - OpenSSL
15---
16
17# NAME
18
19CURLOPT_PROXY_SSLKEY_BLOB - private key for proxy cert from memory blob
20
21# SYNOPSIS
22
23~~~c
24#include <curl/curl.h>
25
26CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSLKEY_BLOB,
27                          struct curl_blob *blob);
28~~~
29
30# DESCRIPTION
31
32Pass a pointer to a curl_blob structure that contains information (pointer and
33size) about the private key for connecting to the HTTPS proxy. Compatible with
34OpenSSL. The format (like "PEM") must be specified with
35CURLOPT_PROXY_SSLKEYTYPE(3).
36
37If the blob is initialized with the flags member of struct curl_blob set to
38CURL_BLOB_COPY, the application does not have to keep the buffer around after
39setting this.
40
41# DEFAULT
42
43NULL
44
45# EXAMPLE
46
47~~~c
48
49extern char *certificateData; /* point to data */
50extern size_t filesize; /* size of data */
51
52extern char *privateKeyData; /* point to data */
53extern size_t privateKeySize; /* size */
54
55int main(void)
56{
57  CURL *curl = curl_easy_init();
58  if(curl) {
59    CURLcode res;
60    struct curl_blob blob;
61    curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
62    curl_easy_setopt(curl, CURLOPT_PROXY, "https://proxy");
63    blob.data = certificateData;
64    blob.len = filesize;
65    blob.flags = CURL_BLOB_COPY;
66    curl_easy_setopt(curl, CURLOPT_PROXY_SSLCERT_BLOB, &blob);
67    curl_easy_setopt(curl, CURLOPT_PROXY_SSLCERTTYPE, "PEM");
68
69    blob.data = privateKeyData;
70    blob.len = privateKeySize;
71    curl_easy_setopt(curl, CURLOPT_PROXY_SSLKEY_BLOB, &blob);
72    curl_easy_setopt(curl, CURLOPT_PROXY_KEYPASSWD, "s3cret");
73    res = curl_easy_perform(curl);
74    curl_easy_cleanup(curl);
75  }
76}
77~~~
78
79# AVAILABILITY
80
81Added in 7.71.0. This option is supported by the OpenSSL backends.
82
83# RETURN VALUE
84
85Returns CURLE_OK if TLS enabled, CURLE_UNKNOWN_OPTION if not, or
86CURLE_OUT_OF_MEMORY if there was insufficient heap space.
87