curlopt_ssl_options(3) [mojave man page]
CURLOPT_SSL_OPTIONS(3) curl_easy_setopt options CURLOPT_SSL_OPTIONS(3) NAME
CURLOPT_SSL_OPTIONS - set SSL behavior options SYNOPSIS
#include <curl/curl.h> CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_OPTIONS, long bitmask); DESCRIPTION
Pass a long with a bitmask to tell libcurl about specific SSL behaviors. CURLSSLOPT_ALLOW_BEAST tells libcurl to not attempt to use any workarounds for a security flaw in the SSL3 and TLS1.0 protocols. If this option isn't used or this bit is set to 0, the SSL layer libcurl uses may use a work-around for this flaw although it might cause interop- erability problems with some (older) SSL implementations. WARNING: avoiding this work-around lessens the security, and by setting this option to 1 you ask for exactly that. This option is only supported for DarwinSSL, NSS and OpenSSL. Added in 7.44.0: CURLSSLOPT_NO_REVOKE tells libcurl to disable certificate revocation checks for those SSL backends where such behavior is present. Cur- rently this option is only supported for WinSSL (the native Windows SSL library), with an exception in the case of Windows' Untrusted Pub- lishers blacklist which it seems can't be bypassed. This option may have broader support to accommodate other SSL backends in the future. https://curl.haxx.se/docs/ssl-compared.html DEFAULT
0 PROTOCOLS
All TLS-based protocols EXAMPLE
TODO AVAILABILITY
Added in 7.25.0 RETURN VALUE
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not. SEE ALSO
CURLOPT_SSLVERSION(3), CURLOPT_SSL_CIPHER_LIST(3), libcurl 7.54.0 February 03, 2016 CURLOPT_SSL_OPTIONS(3)
Check Out this Related Man Page
CURLOPT_PROXY_SSLVERSION(3) curl_easy_setopt options CURLOPT_PROXY_SSLVERSION(3) NAME
CURLOPT_PROXY_SSLVERSION - set preferred proxy TLS/SSL version SYNOPSIS
#include <curl/curl.h> CURLcode curl_easy_setopt(CURL *handle, CURLOPT_PROXY_SSLVERSION, long version); DESCRIPTION
Pass a long as parameter to control which version of SSL/TLS to attempt to use when connecting to an HTTPS proxy. Use one of the available defines for this purpose. The available options are: CURL_SSLVERSION_DEFAULT The default action. This will attempt to figure out the remote SSL protocol version. CURL_SSLVERSION_TLSv1 TLSv1.x CURL_SSLVERSION_TLSv1_0 TLSv1.0 CURL_SSLVERSION_TLSv1_1 TLSv1.1 CURL_SSLVERSION_TLSv1_2 TLSv1.2 CURL_SSLVERSION_TLSv1_3 TLSv1.3 CURL_SSLVERSION_MAX_DEFAULT The flag defines maximum supported TLS version as TLSv1.2 or default value from SSL library. Only library NSS currently allows to get maximum supported TLS version. (Added in 7.54.0) CURL_SSLVERSION_MAX_TLSv1_0 The flag defines maximum supported TLS version as TLSv1.0. (Added in 7.54.0) CURL_SSLVERSION_MAX_TLSv1_1 The flag defines maximum supported TLS version as TLSv1.1. (Added in 7.54.0) CURL_SSLVERSION_MAX_TLSv1_2 The flag defines maximum supported TLS version as TLSv1.2. (Added in 7.54.0) CURL_SSLVERSION_MAX_TLSv1_3 The flag defines maximum supported TLS version as TLSv1.3. (Added in 7.54.0) DEFAULT
CURL_SSLVERSION_DEFAULT PROTOCOLS
All EXAMPLE
CURL *curl = curl_easy_init(); if(curl) { curl_easy_setopt(curl, CURLOPT_URL, "https://example.com"); /* ask libcurl to use TLS version 1.0 or later */ curl_easy_setopt(curl, CURLOPT_PROXY_SSLVERSION, CURL_SSLVERSION_TLSv1_1 | CURL_SSLVERSION_MAX_DEFAULT); /* Perform the request */ curl_easy_perform(curl); } AVAILABILITY
Added in 7.52.0 RETURN VALUE
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not. SEE ALSO
CURLOPT_USE_SSL(3), CURLOPT_HTTP_VERSION(3), CURLOPT_IPRESOLVE(3) CURLOPT_SSLVERSION(3), libcurl 7.54.0 December 13, 2016 CURLOPT_PROXY_SSLVERSION(3)