1--- 2c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. 3SPDX-License-Identifier: curl 4Title: CURLOPT_SSL_VERIFYSTATUS 5Section: 3 6Source: libcurl 7See-also: 8 - CURLOPT_CAINFO (3) 9 - CURLOPT_SSL_VERIFYHOST (3) 10 - CURLOPT_SSL_VERIFYPEER (3) 11Protocol: 12 - TLS 13TLS-backend: 14 - OpenSSL 15 - GnuTLS 16--- 17 18# NAME 19 20CURLOPT_SSL_VERIFYSTATUS - verify the certificate's status 21 22# SYNOPSIS 23 24~~~c 25#include <curl/curl.h> 26 27CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_VERIFYSTATUS, long verify); 28~~~ 29 30# DESCRIPTION 31 32Pass a long as parameter set to 1 to enable or 0 to disable. 33 34This option determines whether libcurl verifies the status of the server cert 35using the "Certificate Status Request" TLS extension (aka. OCSP stapling). 36 37Note that if this option is enabled but the server does not support the TLS 38extension, the verification fails. 39 40# DEFAULT 41 420 43 44# EXAMPLE 45 46~~~c 47int main(void) 48{ 49 CURL *curl = curl_easy_init(); 50 if(curl) { 51 CURLcode res; 52 curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/"); 53 /* ask for OCSP stapling! */ 54 curl_easy_setopt(curl, CURLOPT_SSL_VERIFYSTATUS, 1L); 55 res = curl_easy_perform(curl); 56 curl_easy_cleanup(curl); 57 } 58} 59~~~ 60 61# AVAILABILITY 62 63Added in 7.41.0. This option is currently only supported by the OpenSSL and 64GnuTLS TLS backends. 65 66# RETURN VALUE 67 68Returns CURLE_OK if OCSP stapling is supported by the SSL backend, otherwise 69returns CURLE_NOT_BUILT_IN. 70