curlopt_proxy_crlfile(3) [mojave man page]
CURLOPT_PROXY_CRLFILE(3) curl_easy_setopt options CURLOPT_PROXY_CRLFILE(3) NAME
CURLOPT_PROXY_CRLFILE - specify a proxy Certificate Revocation List file SYNOPSIS
#include <curl/curl.h> CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_CRLFILE, char *file); DESCRIPTION
This option is for connecting to a HTTPS proxy, not a HTTPS server. Pass a char * to a zero terminated string naming a file with the concatenation of CRL (in PEM format) to use in the certificate validation that occurs during the SSL exchange. When curl is built to use NSS or GnuTLS, there is no way to influence the use of CRL passed to help in the verification process. When libcurl is built with OpenSSL support, X509_V_FLAG_CRL_CHECK and X509_V_FLAG_CRL_CHECK_ALL are both set, requiring CRL check against all the elements of the certificate chain if a CRL file is passed. This option makes sense only when used in combination with the CURLOPT_PROXY_SSL_VERIFYPEER(3) option. A specific error code (CURLE_SSL_CRL_BADFILE) is defined with the option. It is returned when the SSL exchange fails because the CRL file cannot be loaded. A failure in certificate verification due to a revocation information found in the CRL does not trigger this specific error. The application does not have to keep the string around after setting this option. DEFAULT
NULL PROTOCOLS
Used with HTTPS proxy. EXAMPLE
TODO AVAILABILITY
Added in 7.52.0 RETURN VALUE
Returns CURLE_OK if the option is supported, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space. SEE ALSO
CURLOPT_PROXY_SSL_VERIFYPEER(3), CURLOPT_PROXY_SSL_VERIFYHOST(3), CURLOPT_SSL_VERIFYPEER(3), CURLOPT_SSL_VERIFYHOST(3), libcurl 7.54.0 December 21, 2016 CURLOPT_PROXY_CRLFILE(3)
Check Out this Related Man Page
CURLOPT_PROXY_SSL_VERIFYHOST(3) curl_easy_setopt options CURLOPT_PROXY_SSL_VERIFYHOST(3) NAME
CURLOPT_PROXY_SSL_VERIFYHOST - verify the proxy certificate's name against host SYNOPSIS
#include <curl/curl.h> CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSL_VERIFYHOST, long verify); DESCRIPTION
Pass a long set to 2L as asking curl to verify in the HTTPS proxy's certificate name fields against the proxy name. This option determines whether libcurl verifies that the proxy cert contains the correct name for the name it is known as. When CURLOPT_PROXY_SSL_VERIFYHOST(3) is 2, the proxy certificate must indicate that the server is the proxy to which you meant to connect to, or the connection fails. Curl considers the proxy the intended one when the Common Name field or a Subject Alternate Name field in the certificate matches the host name in the proxy string which you told curl to use. When the verify value is 1L, curl_easy_setopt will return an error and the option value will not be changed due to old legacy reasons. When the verify value is 0L, the connection succeeds regardless of the names used in the certificate. Use that ability with caution! See also CURLOPT_PROXY_SSL_VERIFYPEER(3) to verify the digital signature of the proxy certificate. If libcurl is built against NSS and CURLOPT_PROXY_SSL_VERIFYPEER(3) is zero, CURLOPT_PROXY_SSL_VERIFYHOST(3) is also set to zero and cannot be overridden. DEFAULT
2 PROTOCOLS
All protocols when used over a HTTPS proxy. EXAMPLE
CURL *curl = curl_easy_init(); if(curl) { curl_easy_setopt(curl, CURLOPT_URL, "https://example.com"); /* Set the default value: strict name check please */ curl_easy_setopt(curl, CURLOPT_PROXY_SSL_VERIFYHOST, 2L); curl_easy_perform(curl); } AVAILABILITY
Added in 7.52.0. If built TLS enabled. RETURN VALUE
Returns CURLE_OK if TLS is supported, and CURLE_UNKNOWN_OPTION if not. If 1 is set as argument, CURLE_BAD_FUNCTION_ARGUMENT is returned. SEE ALSO
CURLOPT_PROXY_SSL_VERIFYPEER(3), CURLOPT_PROXY_CAINFO(3), , CURLOPT_SSL_VERIFYPEER(3), CURLOPT_CAINFO(3), , libcurl 7.54.0 December 16, 2016 CURLOPT_PROXY_SSL_VERIFYHOST(3)