curl/docs/cmdline-opts/pinnedpubkey.d

Long: pinnedpubkey
Arg: <hashes>
Help: FILE/HASHES Public key to verify peer against
Protocols: TLS
Category: tls
Example: --pinnedpubkey keyfile $URL
Example: --pinnedpubkey 'sha256//ce118b51897f4452dc' $URL
Added: 7.39.0
---
Tells curl to use the specified public key file (or hashes) to verify the
peer. This can be a path to a file which contains a single public key in PEM
or DER format, or any number of base64 encoded sha256 hashes preceded by
'sha256//' and separated by ';'.

When negotiating a TLS or SSL connection, the server sends a certificate
indicating its identity. A public key is extracted from this certificate and
if it does not exactly match the public key provided to this option, curl will
abort the connection before sending or receiving any data.

PEM/DER support:

7.39.0: OpenSSL, GnuTLS and GSKit

7.43.0: NSS and wolfSSL

7.47.0: mbedtls

sha256 support:

7.44.0: OpenSSL, GnuTLS, NSS and wolfSSL

7.47.0: mbedtls

Other SSL backends not supported.

If this option is used several times, the last one will be used.
cmdline-docs: more options converted over 2016-11-16 06:44:58 +08:00			`Long: pinnedpubkey`
			`Arg: <hashes>`
			`Help: FILE/HASHES Public key to verify peer against`
			`Protocols: TLS`
docs: add categories to all cmdline opts Adapted gen.pl with 'listcats' This commit is a part of "--help me if you can" Closes #5680 2020-07-13 20:15:04 +08:00			`Category: tls`
curl.1: provide examples for each option The file format for each option now features a "Example:" header that can provide one or more examples that get rendered appropriately in the output. All options MUST have at least one example or gen.pl complains at build-time. This fix also does a few other minor format and consistency cleanups. Closes #7654 2021-08-31 22:37:14 +08:00			`Example: --pinnedpubkey keyfile $URL`
			`Example: --pinnedpubkey 'sha256//ce118b51897f4452dc' $URL`
cmdline-opts: made the 'Added:' field mandatory Since "too old" versions are no longer included in the generated man page, this field is now mandatory so that it won't be forgotten and then not included in the documentation. Closes #7786 2021-09-28 17:50:07 +08:00			`Added: 7.39.0`
cmdline-docs: more options converted over 2016-11-16 06:44:58 +08:00			`---`
			`Tells curl to use the specified public key file (or hashes) to verify the`
			`peer. This can be a path to a file which contains a single public key in PEM`
			`or DER format, or any number of base64 encoded sha256 hashes preceded by`
gen.pl: replace leading single quotes with \(aq ... and allow single quotes to be used "normally" in the .d files. Makes the output curl.1 use better nroff. Reported-by: Sergio Durigan Junior Ref: #7928 Closes #7933 2021-11-01 16:55:28 +08:00			`'sha256//' and separated by ';'.`
cmdline-docs: more options converted over 2016-11-16 06:44:58 +08:00
			`When negotiating a TLS or SSL connection, the server sends a certificate`
			`indicating its identity. A public key is extracted from this certificate and`
			`if it does not exactly match the public key provided to this option, curl will`
			`abort the connection before sending or receiving any data.`

			`PEM/DER support:`
pinnedpubkey.d: fix formatting for version support lists Closes https://github.com/curl/curl/pull/7340 2021-07-04 05:11:00 +08:00
			`7.39.0: OpenSSL, GnuTLS and GSKit`

			`7.43.0: NSS and wolfSSL`

			`7.47.0: mbedtls`

cmdline-docs: more options converted over 2016-11-16 06:44:58 +08:00			`sha256 support:`
pinnedpubkey.d: fix formatting for version support lists Closes https://github.com/curl/curl/pull/7340 2021-07-04 05:11:00 +08:00
			`7.44.0: OpenSSL, GnuTLS, NSS and wolfSSL`

			`7.47.0: mbedtls`

cmdline-docs: more options converted over 2016-11-16 06:44:58 +08:00			`Other SSL backends not supported.`

			`If this option is used several times, the last one will be used.`