mirror of
https://github.com/curl/curl.git
synced 2026-05-19 10:46:21 +03:00
08a3e8e19a
These libraries do not support TLS 1.3 and have been marked for removal for over a year. We want to help users select a TLS dependency that is future-proof and reliable, and not supporting TLS 1.3 in 2025 does not infer confidence. Users who build libcurl are likely to be served better and get something more future-proof with a TLS library that supports 1.3. Closes #16677
33 lines
1.2 KiB
Markdown
33 lines
1.2 KiB
Markdown
---
|
|
c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
|
|
SPDX-License-Identifier: curl
|
|
Long: key
|
|
Arg: <key>
|
|
Protocols: TLS SSH
|
|
Help: Private key filename
|
|
Category: tls ssh
|
|
Added: 7.9.3
|
|
Multi: single
|
|
See-also:
|
|
- key-type
|
|
- cert
|
|
Example:
|
|
- --cert certificate --key here $URL
|
|
---
|
|
|
|
# `--key`
|
|
|
|
Private key filename. Allows you to provide your private key in this separate
|
|
file. For SSH, if not specified, curl tries the following candidates in order:
|
|
`~/.ssh/id_rsa`, `~/.ssh/id_dsa`, `./id_rsa`, `./id_dsa`.
|
|
|
|
If curl is built against OpenSSL library, and the engine pkcs11 or pkcs11
|
|
provider is available, then a PKCS#11 URI (RFC 7512) can be used to specify a
|
|
private key located in a PKCS#11 device. A string beginning with `pkcs11:` is
|
|
interpreted as a PKCS#11 URI. If a PKCS#11 URI is provided, then the --engine
|
|
option is set as `pkcs11` if none was provided and the --key-type option is
|
|
set as `ENG` or `PROV` if none was provided (depending on OpenSSL version).
|
|
|
|
If curl is built against Schannel then this option is ignored for TLS
|
|
protocols (HTTPS, etc). That backend expects the private key to be already
|
|
present in the keychain or PKCS#12 file containing the certificate.
|