1--- 2c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. 3SPDX-License-Identifier: curl 4Title: CURLOPT_TLS13_CIPHERS 5Section: 3 6Source: libcurl 7See-also: 8 - CURLOPT_PROXY_SSLVERSION (3) 9 - CURLOPT_PROXY_SSL_CIPHER_LIST (3) 10 - CURLOPT_PROXY_TLS13_CIPHERS (3) 11 - CURLOPT_SSLVERSION (3) 12 - CURLOPT_SSL_CIPHER_LIST (3) 13 - CURLOPT_USE_SSL (3) 14Protocol: 15 - TLS 16TLS-backend: 17 - OpenSSL 18 - Schannel 19--- 20 21# NAME 22 23CURLOPT_TLS13_CIPHERS - ciphers suites to use for TLS 1.3 24 25# SYNOPSIS 26 27~~~c 28#include <curl/curl.h> 29 30CURLcode curl_easy_setopt(CURL *handle, CURLOPT_TLS13_CIPHERS, char *list); 31~~~ 32 33# DESCRIPTION 34 35Pass a char pointer, pointing to a null-terminated string holding the list of 36cipher suites to use for the TLS 1.3 connection. The list must be 37syntactically correct, it consists of one or more cipher suite strings 38separated by colons. 39 40Find more details about cipher lists on this URL: 41 42 https://curl.se/docs/ssl-ciphers.html 43 44This option is currently used only when curl is built to use OpenSSL 1.1.1 or 45later, or Schannel. If you are using a different SSL backend you can try 46setting TLS 1.3 cipher suites by using the CURLOPT_SSL_CIPHER_LIST(3) 47option. 48 49The application does not have to keep the string around after setting this 50option. 51 52# DEFAULT 53 54NULL, use internal default 55 56# EXAMPLE 57 58~~~c 59int main(void) 60{ 61 CURL *curl = curl_easy_init(); 62 if(curl) { 63 CURLcode res; 64 curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/"); 65 curl_easy_setopt(curl, CURLOPT_TLS13_CIPHERS, 66 "TLS_CHACHA20_POLY1305_SHA256"); 67 res = curl_easy_perform(curl); 68 curl_easy_cleanup(curl); 69 } 70} 71~~~ 72 73# AVAILABILITY 74 75Added in 7.61.0 for OpenSSL. Available when built with OpenSSL \>= 1.1.1. 76 77Added in 7.85.0 for Schannel. 78 79# RETURN VALUE 80 81Returns CURLE_OK if supported, CURLE_NOT_BUILT_IN otherwise. 82