CURLOPT_SSLKEY - Man Page

private key file for TLS and SSL client cert

Synopsis

#include <curl/curl.h>

CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSLKEY, char *keyfile);

Description

Pass a pointer to a null-terminated string as parameter. The string should be the filename of your private key. The default format is "PEM" and can be changed with CURLOPT_SSLKEYTYPE(3).

(Windows, iOS and Mac OS X) This option is ignored by Secure Transport and Schannel SSL backends because they expect the private key to be already present in the key-chain or PKCS#12 file containing the certificate.

The application does not have to keep the string around after setting this option.

Default

NULL

Protocols

All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.

This option works only with the following TLS backends: OpenSSL, Schannel, mbedTLS and wolfSSL

Example

int main(void)
{
  CURL *curl = curl_easy_init();
  if(curl) {
    CURLcode res;
    curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
    curl_easy_setopt(curl, CURLOPT_SSLCERT, "client.pem");
    curl_easy_setopt(curl, CURLOPT_SSLKEY, "key.pem");
    curl_easy_setopt(curl, CURLOPT_KEYPASSWD, "s3cret");
    res = curl_easy_perform(curl);
    curl_easy_cleanup(curl);
  }
}

Availability

If built TLS enabled.

Return Value

Returns CURLE_OK if TLS is supported, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space.

See Also

CURLOPT_SSLCERT(3), CURLOPT_SSLKEYTYPE(3), CURLOPT_SSLKEY_BLOB(3)

Referenced By

curl_easy_setopt(3), CURLOPT_KEYPASSWD(3), CURLOPT_PROXY_KEYPASSWD(3), CURLOPT_PROXY_SSLKEY(3), CURLOPT_PROXY_SSLKEY_BLOB(3), CURLOPT_SSLCERT(3), CURLOPT_SSLCERT_BLOB(3), CURLOPT_SSLCERTTYPE(3), CURLOPT_SSLENGINE(3), CURLOPT_SSLKEY_BLOB(3), CURLOPT_SSLKEYTYPE(3), libcurl-symbols(3).

March 27 2024 libcurl