1---
2c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
3SPDX-License-Identifier: curl
4Title: CURLOPT_SSLKEY_BLOB
5Section: 3
6Source: libcurl
7See-also:
8  - CURLOPT_SSLKEY (3)
9  - CURLOPT_SSLKEYTYPE (3)
10Protocol:
11  - TLS
12TLS-backend:
13  - OpenSSL
14  - wolfSSL
15Added-in: 7.71.0
16---
17
18# NAME
19
20CURLOPT_SSLKEY_BLOB - private key for client cert from memory blob
21
22# SYNOPSIS
23
24~~~c
25#include <curl/curl.h>
26
27CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSLKEY_BLOB,
28                          struct curl_blob *blob);
29~~~
30
31# DESCRIPTION
32
33Pass a pointer to a curl_blob structure, which contains information (pointer
34and size) for a private key. Compatible with OpenSSL. The format (like "PEM")
35must be specified with CURLOPT_SSLKEYTYPE(3).
36
37If the blob is initialized with the flags member of struct curl_blob set to
38CURL_BLOB_COPY, the application does not have to keep the buffer around after
39setting this.
40
41This option is an alternative to CURLOPT_SSLKEY(3) which instead expects a
42filename as input.
43
44# DEFAULT
45
46NULL
47
48# %PROTOCOLS%
49
50# EXAMPLE
51
52~~~c
53
54extern char *certificateData; /* point to cert */
55extern size_t filesize; /* size of cert */
56
57extern char *privateKeyData; /* point to key */
58extern size_t privateKeySize; /* size of key */
59
60int main(void)
61{
62  CURL *curl = curl_easy_init();
63  if(curl) {
64    CURLcode res;
65    struct curl_blob blob;
66    curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
67    blob.data = certificateData;
68    blob.len = filesize;
69    blob.flags = CURL_BLOB_COPY;
70    curl_easy_setopt(curl, CURLOPT_SSLCERT_BLOB, &blob);
71    curl_easy_setopt(curl, CURLOPT_SSLCERTTYPE, "PEM");
72
73    blob.data = privateKeyData;
74    blob.len = privateKeySize;
75    curl_easy_setopt(curl, CURLOPT_SSLKEY_BLOB, &blob);
76    curl_easy_setopt(curl, CURLOPT_KEYPASSWD, "s3cret");
77    curl_easy_setopt(curl, CURLOPT_SSLKEYTYPE, "PEM");
78    res = curl_easy_perform(curl);
79    curl_easy_cleanup(curl);
80  }
81}
82~~~
83
84# %AVAILABILITY%
85
86# RETURN VALUE
87
88Returns CURLE_OK if TLS enabled, CURLE_UNKNOWN_OPTION if not, or
89CURLE_OUT_OF_MEMORY if there was insufficient heap space.
90