curl / Mailing Lists / curl-library / Single Mail
Buy commercial curl support from WolfSSL. We help you work out your issues, debug your libcurl applications, use the API, port to new platforms, add new features and more. With a team lead by the curl founder himself.

Re: Feature request: passing ssl certificate and/or key parameter as content, not path

From: Ray Satiro via curl-library <curl-library_at_cool.haxx.se>
Date: Thu, 10 Oct 2019 14:21:27 -0400

On 10/10/2019 10:48 AM, Nicolas Mora via curl-library wrote:
> According to the libcurl documentation [1], if you want to specify a
> SSL certificate or key to the connection, the parameter must be a file
> path rather than the certificate or key value: "Pass a pointer to a
> zero terminated string as parameter. The string should be the file
> name of your client certificate."
>
> This makes it difficult to use ssl authenticated requests on an
> embedded program where those options can come from various places (API
> response, config file, self-generated, whatever). The only workaround
> I find is to use mkstemp, which adds layers of complexity.
>
> Would it be possible to add the possibility to pass the cert/key
> content as well? By adding a new value to CURLOPT_SSLCERTTYPE for
> example, like "PEM_DATA"?
>
> I can work on a patch but I'd like to know first if the idea would be
> accepted.

Gilles Vollant already has a work-in-progress pull request for this, I
think they are going to call it CURLOPT_SSLCERT_BLOB. Please contribute
to the discussion at https://github.com/curl/curl/pull/4371

-------------------------------------------------------------------
Unsubscribe: https://cool.haxx.se/list/listinfo/curl-library
Etiquette: https://curl.haxx.se/mail/etiquette.html
Received on 2019-10-10