x SuSE Linux 13.1-RELEASE x
x SuSE Linux 13.1-RELEASEx
CURLOPT_SSLVERSION(3) libcurl CURLOPT_SSLVERSION(3)
NAME
CURLOPT_SSLVERSION - preferred TLS/SSL version
SYNOPSIS
#include <curl/curl.h>
CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSLVERSION, long version);
DESCRIPTION
Pass a long as parameter to control which version range of SSL/TLS ver-
sions to use.
The SSL and TLS versions have typically developed from the most inse-
cure version to be more and more secure in this order through history:
SSL v2, SSLv3, TLS v1.0, TLS v1.1, TLS v1.2 and the most recent TLS
v1.3.
Use one of the available defines for this purpose. The available
options are:
CURL_SSLVERSION_DEFAULT
The default acceptable version range. The minimum accept-
able version is by default TLS v1.0 since 7.39.0 (unless
the TLS library has a stricter rule).
CURL_SSLVERSION_TLSv1
TLS v1.0 or later
CURL_SSLVERSION_SSLv2
SSL v2 - refused
CURL_SSLVERSION_SSLv3
SSL v3 - refused
CURL_SSLVERSION_TLSv1_0
TLS v1.0 or later (Added in 7.34.0)
CURL_SSLVERSION_TLSv1_1
TLS v1.1 or later (Added in 7.34.0)
CURL_SSLVERSION_TLSv1_2
TLS v1.2 or later (Added in 7.34.0)
CURL_SSLVERSION_TLSv1_3
TLS v1.3 or later (Added in 7.52.0)
The maximum TLS version can be set by using one of the CURL_SSLVER-
SION_MAX_ macros below. It is also possible to OR one of the
CURL_SSLVERSION_ macros with one of the CURL_SSLVERSION_MAX_ macros.
The MAX macros are not supported for WolfSSL.
CURL_SSLVERSION_MAX_DEFAULT
The flag defines the maximum supported TLS version by
libcurl, or the default value from the SSL library is
used. libcurl uses a sensible default maximum, which was
TLS v1.2 up to before 7.61.0 and is TLS v1.3 since then -
assuming the TLS library support it. (Added in 7.54.0)
CURL_SSLVERSION_MAX_TLSv1_0
The flag defines maximum supported TLS version as TLS
v1.0. (Added in 7.54.0)
CURL_SSLVERSION_MAX_TLSv1_1
The flag defines maximum supported TLS version as TLS
v1.1. (Added in 7.54.0)
CURL_SSLVERSION_MAX_TLSv1_2
The flag defines maximum supported TLS version as TLS
v1.2. (Added in 7.54.0)
CURL_SSLVERSION_MAX_TLSv1_3
The flag defines maximum supported TLS version as TLS
v1.3. (Added in 7.54.0)
In versions of curl prior to 7.54 the CURL_SSLVERSION_TLS options were
documented to allow only the specified TLS version, but behavior was
inconsistent depending on the TLS library.
DEFAULT
CURL_SSLVERSION_DEFAULT
PROTOCOLS
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
EXAMPLE
CURL *curl = curl_easy_init();
if(curl) {
curl_easy_setopt(curl, CURLOPT_URL, "https://example.com");
/* ask libcurl to use TLS version 1.0 or later */
curl_easy_setopt(curl, CURLOPT_SSLVERSION, (long)CURL_SSLVERSION_TLSv1);
/* Perform the request */
curl_easy_perform(curl);
}
AVAILABILITY
SSLv2 and SSLv3 are refused completely since curl 7.77.0
SSLv2 is disabled by default since 7.18.1. Other SSL versions avail-
ability may vary depending on which backend libcurl has been built to
use.
SSLv3 is disabled by default since 7.39.0.
RETURN VALUE
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION
if not.
SEE ALSO
CURLOPT_HTTP_VERSION(3), CURLOPT_IPRESOLVE(3), CURLOPT_PROXY_SSLVER-
SION(3), CURLOPT_USE_SSL(3)
ibcurl 8.4.0 September 26, 2023 CURLOPT_SSLVERSION(3)
Want to link to this manual page? Use this URL:
<http://star2.abcm.com/cgi-bin/bsdi-man?query=CURLOPT_SSLVERSION&sektion=3&manpath=>