diff options
Diffstat (limited to 'docs/libcurl/opts/CURLOPT_SSL_VERIFYSTATUS.md')
-rw-r--r-- | docs/libcurl/opts/CURLOPT_SSL_VERIFYSTATUS.md | 68 |
1 files changed, 68 insertions, 0 deletions
diff --git a/docs/libcurl/opts/CURLOPT_SSL_VERIFYSTATUS.md b/docs/libcurl/opts/CURLOPT_SSL_VERIFYSTATUS.md new file mode 100644 index 000000000..66dbd7465 --- /dev/null +++ b/docs/libcurl/opts/CURLOPT_SSL_VERIFYSTATUS.md @@ -0,0 +1,68 @@ +--- +c: Copyright (C) Daniel Stenberg, <daniel.se>, et al. +SPDX-License-Identifier: curl +Title: CURLOPT_SSL_VERIFYSTATUS +Section: 3 +Source: libcurl +See-also: + - CURLOPT_CAINFO (3) + - CURLOPT_SSL_VERIFYHOST (3) + - CURLOPT_SSL_VERIFYPEER (3) +--- + +# NAME + +CURLOPT_SSL_VERIFYSTATUS - verify the certificate's status + +# SYNOPSIS + +~~~c +#include <curl/curl.h> + +CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_VERIFYSTATUS, long verify); +~~~ + +# DESCRIPTION + +Pass a long as parameter set to 1 to enable or 0 to disable. + +This option determines whether libcurl verifies the status of the server cert +using the "Certificate Status Request" TLS extension (aka. OCSP stapling). + +Note that if this option is enabled but the server does not support the TLS +extension, the verification fails. + +# DEFAULT + +0 + +# PROTOCOLS + +All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc. + +# EXAMPLE + +~~~c +int main(void) +{ + CURL *curl = curl_easy_init(); + if(curl) { + CURLcode res; + curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/"); + /* ask for OCSP stapling! */ + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYSTATUS, 1L); + res = curl_easy_perform(curl); + curl_easy_cleanup(curl); + } +} +~~~ + +# AVAILABILITY + +Added in 7.41.0. This option is currently only supported by the OpenSSL and +GnuTLS TLS backends. + +# RETURN VALUE + +Returns CURLE_OK if OCSP stapling is supported by the SSL backend, otherwise +returns CURLE_NOT_BUILT_IN. |