OpenSuSE Man Pages

Man Page or Keyword Search:
Man Architecture
Apropos Keyword Search (all sections) Output format
home | help 
x SuSE Linux 13.1-RELEASE x
x SuSE Linux 13.1-RELEASEx
CURLOPT_CRLFILE(3)                  libcurl                 CURLOPT_CRLFILE(3)

NAME
       CURLOPT_CRLFILE - Certificate Revocation List file

SYNOPSIS
       #include <curl/curl.h>

       CURLcode curl_easy_setopt(CURL *handle, CURLOPT_CRLFILE, char *file);

DESCRIPTION
       Pass  a  char * to a null-terminated string naming a file with the con-
       catenation of CRL (in PEM format) to use in the certificate  validation
       that occurs during the SSL exchange.

       When  curl is built to use GnuTLS, there is no way to influence the use
       of CRL passed to help in the verification process.

       When libcurl is built with OpenSSL support,  X509_V_FLAG_CRL_CHECK  and
       X509_V_FLAG_CRL_CHECK_ALL are both set, requiring CRL check against all
       the elements of the certificate chain if a CRL  file  is  passed.  Also
       note  that  CURLOPT_CRLFILE(3)  implies CURLSSLOPT_NO_PARTIALCHAIN (see
       CURLOPT_SSL_OPTIONS(3)) since curl 7.71.0 due to an OpenSSL bug.

       This option makes sense only when used in  combination  with  the  CUR-
       LOPT_SSL_VERIFYPEER(3) option.

       A  specific  error  code  (CURLE_SSL_CRL_BADFILE)  is  defined with the
       option. It is returned when the SSL exchange fails because the CRL file
       cannot be loaded.  A failure in certificate verification due to a revo-
       cation information found in the CRL  does  not  trigger  this  specific
       error.

       The  application  does not have to keep the string around after setting
       this option.

DEFAULT
       NULL

PROTOCOLS
       All TLS-based protocols

EXAMPLE
       CURL *curl = curl_easy_init();
       if(curl) {
         curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
         curl_easy_setopt(curl, CURLOPT_CRLFILE, "/etc/certs/crl.pem");
         ret = curl_easy_perform(curl);
         curl_easy_cleanup(curl);
       }

AVAILABILITY
       Added in 7.19.0

RETURN VALUE
       Returns CURLE_OK if the option is  supported,  CURLE_UNKNOWN_OPTION  if
       not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space.

SEE ALSO
       CURLOPT_PROXY_CRLFILE(3),  CURLOPT_SSL_VERIFYHOST(3), CURLOPT_SSL_VERI-
       FYPEER(3)

ibcurl 8.4.0                  September 26, 2023            CURLOPT_CRLFILE(3)

Want to link to this manual page? Use this URL:
<http://star2.abcm.com/cgi-bin/bsdi-man?query=CURLOPT_CRLFILE&sektion=3&manpath=>

home | help