1 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
2 "http://www.w3.org/TR/html4/loose.dtd">
4 <title>CURLOPT_SSL_OPTIONS man page</title>
5 <meta name="generator" content="roffit">
6 <STYLE type="text/css">
12 P.level0, pre.level0 {
16 P.level1, pre.level1 {
20 P.level2, pre.level2 {
37 background-color: #e0e0e0;
43 font-family: monospace;
53 <p class="level0"><a name="NAME"></a><h2 class="nroffsh">NAME</h2>
54 <p class="level0">CURLOPT_SSL_OPTIONS - set SSL behavior options <a name="SYNOPSIS"></a><h2 class="nroffsh">SYNOPSIS</h2>
55 <p class="level0">#include <curl/curl.h>
56 <p class="level0">CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_OPTIONS, long bitmask); <a name="DESCRIPTION"></a><h2 class="nroffsh">DESCRIPTION</h2>
57 <p class="level0">Pass a long with a bitmask to tell libcurl about specific SSL behaviors.
58 <p class="level0"><span Class="emphasis">CURLSSLOPT_ALLOW_BEAST</span> tells libcurl to not attempt to use any workarounds for a security flaw in the SSL3 and TLS1.0 protocols. If this option isn't used or this bit is set to 0, the SSL layer libcurl uses may use a work-around for this flaw although it might cause interoperability problems with some (older) SSL implementations. WARNING: avoiding this work-around lessens the security, and by setting this option to 1 you ask for exactly that. This option is only supported for DarwinSSL, NSS and OpenSSL.
59 <p class="level0">Added in 7.44.0:
60 <p class="level0"><span Class="emphasis">CURLSSLOPT_NO_REVOKE</span> tells libcurl to disable certificate revocation checks for those SSL backends where such behavior is present. <span class="bold">Currently this option is only supported for WinSSL (the native Windows SSL library), with an exception in the case of Windows' Untrusted Publishers blacklist which it seems can't be bypassed.</span> This option may have broader support to accommodate other SSL backends in the future. <a href="https://curl.haxx.se/docs/ssl-compared.html">https://curl.haxx.se/docs/ssl-compared.html</a>
62 <p class="level0"><a name="DEFAULT"></a><h2 class="nroffsh">DEFAULT</h2>
63 <p class="level0">0 <a name="PROTOCOLS"></a><h2 class="nroffsh">PROTOCOLS</h2>
64 <p class="level0">All TLS-based protocols <a name="EXAMPLE"></a><h2 class="nroffsh">EXAMPLE</h2>
65 <p class="level0">TODO <a name="AVAILABILITY"></a><h2 class="nroffsh">AVAILABILITY</h2>
66 <p class="level0">Added in 7.25.0 <a name="RETURN"></a><h2 class="nroffsh">RETURN VALUE</h2>
67 <p class="level0">Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not. <a name="SEE"></a><h2 class="nroffsh">SEE ALSO</h2>
68 <p class="level0"><a Class="manpage" href="./CURLOPT_SSLVERSION.html">CURLOPT_SSLVERSION</a>, <a Class="manpage" href="./CURLOPT_SSL_CIPHER_LIST.html">CURLOPT_SSL_CIPHER_LIST</a><p class="roffit">
69 This HTML page was made with <a href="http://daniel.haxx.se/projects/roffit/">roffit</a>.