curl/docs/cmdline-opts/cert-type.md
Jakub Jelen 999cc818c5
openssl: add support to use keys and certificates from PKCS#11 provider
In OpenSSL < 3.0, the modularity was provided by a mechanism called
"engines". This is supported in curl, but the engines got deprecated
with OpenSSL 3.0 in favor of more versatile providers.

This adds support for OpenSSL Providers, to use PKCS#11 keys, namely
through the pkcs11 provider. This is done using a similar approach as the
engines and this is automatically built in when OpenSSL 3 and newer
is used.

Signed-off-by: Jakub Jelen <jjelen@redhat.com>

Closes #15587
2025-01-01 14:47:31 +01:00

| Field | Value |
|---|---|
| c | Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. |
| SPDX-License-Identifier | curl |
| Long | cert-type |
| Protocols | TLS |
| Arg | <type> |
| Help | Certificate type (DER/PEM/ENG/PROV/P12) |
| Category | tls |
| Added | 7.9.3 |
| Multi | single |
| See-also | cert, key, key-type |
| Example | --cert-type PEM --cert file $URL |

--cert-type

Set type of the provided client certificate. PEM, DER, ENG, PROV and P12 are recognized types.

The default type depends on the TLS backend and is usually PEM. For Secure Transport and Schannel, however, it is P12. If --cert is a pkcs11: URI then ENG or PROV is the default type (depending on OpenSSL version).
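
Because the default differs between backends, a script can state the type explicitly instead of relying on it. The following is an added example, not part of curl or its documentation: a heuristic that inspects the first bytes of a certificate file and suggests a `--cert-type` value. The function names and sample bytes are constructed for illustration, and it assumes `--cert` is a plain file path or a pkcs11: URI.

```python
# Added example (not curl code): suggest a --cert-type value for a --cert argument.
# Heuristic only: it looks at the leading bytes and does not validate the certificate.

def _first_inner_element(data: bytes):
    """Return (tag, value) of the first element inside an outer SEQUENCE, else None."""
    if len(data) < 2 or data[0] != 0x30:          # 0x30 = ASN.1 SEQUENCE
        return None
    pos = 2
    if data[1] & 0x80:                            # long form: low 7 bits count the length octets
        pos += data[1] & 0x7F                     # (0 octets = BER indefinite length)
    if len(data) < pos + 2:
        return None
    tag, length = data[pos], data[pos + 1]
    value = data[pos + 2:pos + 2 + length] if length < 0x80 else b""
    return tag, value


def classify_bytes(head: bytes):
    """Candidate --cert-type values for the leading bytes of a certificate file."""
    if b"-----BEGIN " in head:                    # PEM armor, possibly after leading text
        return ["PEM"]
    inner = _first_inner_element(head)
    if inner is None:
        return []
    tag, value = inner
    if tag == 0x30:                               # Certificate ::= SEQUENCE { tbsCertificate SEQUENCE ...
        return ["DER"]
    if tag == 0x02 and value == b"\x03":          # PFX ::= SEQUENCE { version INTEGER (3) ...
        return ["P12"]
    return []                                     # e.g. an unencrypted DER private key


def guess_cert_type(cert_arg: str):
    """Candidate types for a --cert argument (a file path or a pkcs11: URI)."""
    if cert_arg.lower().startswith("pkcs11:"):
        return ["ENG", "PROV"]                    # which one applies depends on the OpenSSL version
    with open(cert_arg, "rb") as fh:
        return classify_bytes(fh.read(4096))


# Constructed sample inputs: leading bytes only, not real credentials.
SAMPLES = {
    "pem": b"-----BEGIN CERTIFICATE-----\nMIIB\n",
    "der": bytes.fromhex("3082030a308201f2a003020102"),
    "p12": bytes.fromhex("308209f10201033082"),
    "p12_ber": bytes.fromhex("30800201033080"),
    "der_key": bytes.fromhex("308204a40201000282"),
}
```

An empty result means the bytes match none of the file-based types, so the type should be chosen by hand rather than guessed.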