curlopt_ssl_cipher_list(3) [mojave man page]
CURLOPT_SSL_CIPHER_LIST(3) curl_easy_setopt options CURLOPT_SSL_CIPHER_LIST(3) NAME
CURLOPT_SSL_CIPHER_LIST - specify ciphers to use for TLS SYNOPSIS
#include <curl/curl.h> CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_CIPHER_LIST, char *list); DESCRIPTION
Pass a char *, pointing to a zero terminated string holding the list of ciphers to use for the SSL connection. The list must be syntacti- cally correct, it consists of one or more cipher strings separated by colons. Commas or spaces are also acceptable separators but colons are normally used, !, - and + can be used as operators. For OpenSSL and GnuTLS valid examples of cipher lists include 'RC4-SHA', 'SHA1+DES', 'TLSv1' and 'DEFAULT'. The default list is normally set when you compile OpenSSL. You'll find more details about cipher lists on this URL: https://curl.haxx.se/docs/ssl-ciphers.html For NSS, valid examples of cipher lists include 'rsa_rc4_128_md5', 'rsa_aes_128_sha', etc. With NSS you don't add/remove ciphers. If one uses this option then all known ciphers are disabled and only those passed in are enabled. For WolfSSL, valid examples of cipher lists include 'ECDHE-RSA-RC4-SHA', 'AES256-SHA:AES256-SHA256', etc. The application does not have to keep the string around after setting this option. DEFAULT
NULL, use internal default PROTOCOLS
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc. EXAMPLE
TODO AVAILABILITY
If built TLS enabled. RETURN VALUE
Returns CURLE_OK if TLS is supported, CURLE_UNKNOWN_OPTION if not, or CURLE_OUT_OF_MEMORY if there was insufficient heap space. SEE ALSO
CURLOPT_SSLVERSION(3), CURLOPT_USE_SSL(3), libcurl 7.54.0 December 21, 2016 CURLOPT_SSL_CIPHER_LIST(3)
Check Out this Related Man Page
CURLOPT_SSLVERSION(3) curl_easy_setopt options CURLOPT_SSLVERSION(3) NAME
CURLOPT_SSLVERSION - set preferred TLS/SSL version SYNOPSIS
#include <curl/curl.h> CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSLVERSION, long version); DESCRIPTION
Pass a long as parameter to control which version of SSL/TLS to attempt to use. Use one of the available defines for this purpose. The available options are: CURL_SSLVERSION_DEFAULT The default action. This will attempt to figure out the remote SSL protocol version. CURL_SSLVERSION_TLSv1 TLSv1.x CURL_SSLVERSION_SSLv2 SSLv2 CURL_SSLVERSION_SSLv3 SSLv3 CURL_SSLVERSION_TLSv1_0 TLSv1.0 (Added in 7.34.0) CURL_SSLVERSION_TLSv1_1 TLSv1.1 (Added in 7.34.0) CURL_SSLVERSION_TLSv1_2 TLSv1.2 (Added in 7.34.0) CURL_SSLVERSION_TLSv1_3 TLSv1.3 (Added in 7.52.0) CURL_SSLVERSION_MAX_DEFAULT The flag defines maximum supported TLS version as TLSv1.2 or default value from SSL library. Only library NSS currently allows to get maximum supported TLS version. (Added in 7.54.0) CURL_SSLVERSION_MAX_TLSv1_0 The flag defines maximum supported TLS version as TLSv1.0. (Added in 7.54.0) CURL_SSLVERSION_MAX_TLSv1_1 The flag defines maximum supported TLS version as TLSv1.1. (Added in 7.54.0) CURL_SSLVERSION_MAX_TLSv1_2 The flag defines maximum supported TLS version as TLSv1.2. (Added in 7.54.0) CURL_SSLVERSION_MAX_TLSv1_3 The flag defines maximum supported TLS version as TLSv1.3. (Added in 7.54.0) DEFAULT
CURL_SSLVERSION_DEFAULT PROTOCOLS
All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc. EXAMPLE
CURL *curl = curl_easy_init(); if(curl) { curl_easy_setopt(curl, CURLOPT_URL, "https://example.com"); /* ask libcurl to use TLS version 1.1 or later */ curl_easy_setopt(curl, CURLOPT_SSLVERSION, CURL_SSLVERSION_TLSv1.1 | CURL_SSLVERSION_MAX_DEFAULT); /* Perform the request */ curl_easy_perform(curl); } AVAILABILITY
SSLv2 is disabled by default since 7.18.1. Other SSL versions availability may vary depending on which backend libcurl has been built to use. SSLv3 is disabled by default since 7.39.0. RETURN VALUE
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not. SEE ALSO
CURLOPT_USE_SSL(3), CURLOPT_HTTP_VERSION(3), CURLOPT_IPRESOLVE(3) libcurl 7.54.0 December 13, 2016 CURLOPT_SSLVERSION(3)