1CURLOPT_SSL_CIPHER_LIST(3) curl_easy_setopt options CURLOPT_SSL_CIPHER_LIST(3)
2
3
4

NAME

6       CURLOPT_SSL_CIPHER_LIST - ciphers to use for TLS
7

SYNOPSIS

9       #include <curl/curl.h>
10
11       CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_CIPHER_LIST, char *list);
12

DESCRIPTION

14       Pass a char *, pointing to a null-terminated string holding the list of
15       ciphers to use for the SSL connection. The list must  be  syntactically
16       correct, it consists of one or more cipher strings separated by colons.
17       Commas or spaces are also acceptable separators but colons are normally
18       used, !, - and + can be used as operators.
19
20       For  OpenSSL and GnuTLS valid examples of cipher lists include RC4-SHA,
21       SHA1+DES, TLSv1 and DEFAULT. The default list is normally set when  you
22       compile OpenSSL.
23
24       For  NSS,  valid  examples  of  cipher  lists  include rsa_rc4_128_md5,
25       rsa_aes_128_sha, etc. With NSS you do not add/remove  ciphers.  If  one
26       uses  this  option  then  all known ciphers are disabled and only those
27       passed in are enabled.
28
29       For WolfSSL, valid examples of cipher lists include  ECDHE-RSA-RC4-SHA,
30       AES256-SHA:AES256-SHA256, etc.
31
32       For   BearSSL,  valid  examples  of  cipher  lists  include  ECDHE-RSA-
33       CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256, or when using IANA names
34       TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
35       etc.  With BearSSL you do not add/remove ciphers. If one uses this  op‐
36       tion  then  all known ciphers are disabled and only those passed in are
37       enabled.
38
39       you will find more details about cipher lists on this URL:
40
41        https://curl.se/docs/ssl-ciphers.html
42
43       The application does not have to keep the string around  after  setting
44       this option.
45

DEFAULT

47       NULL, use internal default
48

PROTOCOLS

50       All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc.
51

EXAMPLE

53       CURL *curl = curl_easy_init();
54       if(curl) {
55         curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/");
56         curl_easy_setopt(curl, CURLOPT_SSL_CIPHER_LIST, "TLSv1");
57         ret = curl_easy_perform(curl);
58         curl_easy_cleanup(curl);
59       }
60

AVAILABILITY

62       Added in 7.9, in 7.83.0 for BearSSL
63
64       If built TLS enabled.
65

RETURN VALUE

67       Returns  CURLE_OK  if TLS is supported, CURLE_UNKNOWN_OPTION if not, or
68       CURLE_OUT_OF_MEMORY if there was insufficient heap space.
69

SEE ALSO

71       CURLOPT_TLS13_CIPHERS(3), CURLOPT_SSLVERSION(3),  CURLOPT_PROXY_SSL_CI‐
72       PHER_LIST(3), CURLOPT_PROXY_TLS13_CIPHERS(3), CURLOPT_USE_SSL(3),
73
74
75
76libcurl 8.0.1                  January 02, 2023     CURLOPT_SSL_CIPHER_LIST(3)
Impressum