1--- 2c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. 3SPDX-License-Identifier: curl 4Title: CURLOPT_SSLCERT_BLOB 5Section: 3 6Source: libcurl 7See-also: 8 - CURLOPT_KEYPASSWD (3) 9 - CURLOPT_SSLCERTTYPE (3) 10 - CURLOPT_SSLKEY (3) 11Protocol: 12 - TLS 13TLS-backend: 14 - OpenSSL 15 - Secure Transport 16 - Schannel 17 - mbedTLS 18--- 19 20# NAME 21 22CURLOPT_SSLCERT_BLOB - SSL client certificate from memory blob 23 24# SYNOPSIS 25 26~~~c 27#include <curl/curl.h> 28 29CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSLCERT_BLOB, 30 struct curl_blob *stblob); 31~~~ 32 33# DESCRIPTION 34 35Pass a pointer to a curl_blob structure, which contains (pointer and size) a 36client certificate. The format must be "P12" on Secure Transport or 37Schannel. The format must be "P12" or "PEM" on OpenSSL. The format must be 38"DER" or "PEM" on mbedTLS. The format must be specified with 39CURLOPT_SSLCERTTYPE(3). 40 41If the blob is initialized with the flags member of struct curl_blob set to 42CURL_BLOB_COPY, the application does not have to keep the buffer around after 43setting this. 44 45This option is an alternative to CURLOPT_SSLCERT(3) which instead 46expects a filename as input. 47 48# DEFAULT 49 50NULL 51 52# EXAMPLE 53 54~~~c 55 56extern char *certificateData; /* point to data */ 57extern size_t filesize; /* size of data */ 58 59int main(void) 60{ 61 CURL *curl = curl_easy_init(); 62 if(curl) { 63 CURLcode res; 64 struct curl_blob stblob; 65 stblob.data = certificateData; 66 stblob.len = filesize; 67 stblob.flags = CURL_BLOB_COPY; 68 curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/"); 69 curl_easy_setopt(curl, CURLOPT_SSLCERT_BLOB, &stblob); 70 curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "P12"); 71 curl_easy_setopt(curl, CURLOPT_KEYPASSWD, "s3cret"); 72 res = curl_easy_perform(curl); 73 curl_easy_cleanup(curl); 74 } 75} 76~~~ 77 78# AVAILABILITY 79 80Added in 7.71.0. This option is supported by the OpenSSL, Secure Transport, 81Schannel and mbedTLS (since 7.78.0) backends. 82 83# RETURN VALUE 84 85Returns CURLE_OK if TLS enabled, CURLE_UNKNOWN_OPTION if not, or 86CURLE_OUT_OF_MEMORY if there was insufficient heap space. 87