1--- 2c: Copyright (C) Daniel Stenberg, <daniel.se>, et al. 3SPDX-License-Identifier: curl 4Title: CURLOPT_SSL_VERIFYSTATUS 5Section: 3 6Source: libcurl 7See-also: 8 - CURLOPT_CAINFO (3) 9 - CURLOPT_SSL_VERIFYHOST (3) 10 - CURLOPT_SSL_VERIFYPEER (3) 11--- 12 13# NAME 14 15CURLOPT_SSL_VERIFYSTATUS - verify the certificate's status 16 17# SYNOPSIS 18 19~~~c 20#include <curl/curl.h> 21 22CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_VERIFYSTATUS, long verify); 23~~~ 24 25# DESCRIPTION 26 27Pass a long as parameter set to 1 to enable or 0 to disable. 28 29This option determines whether libcurl verifies the status of the server cert 30using the "Certificate Status Request" TLS extension (aka. OCSP stapling). 31 32Note that if this option is enabled but the server does not support the TLS 33extension, the verification fails. 34 35# DEFAULT 36 370 38 39# PROTOCOLS 40 41All TLS based protocols: HTTPS, FTPS, IMAPS, POP3S, SMTPS etc. 42 43# EXAMPLE 44 45~~~c 46int main(void) 47{ 48 CURL *curl = curl_easy_init(); 49 if(curl) { 50 CURLcode res; 51 curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/"); 52 /* ask for OCSP stapling! */ 53 curl_easy_setopt(curl, CURLOPT_SSL_VERIFYSTATUS, 1L); 54 res = curl_easy_perform(curl); 55 curl_easy_cleanup(curl); 56 } 57} 58~~~ 59 60# AVAILABILITY 61 62Added in 7.41.0. This option is currently only supported by the OpenSSL and 63GnuTLS TLS backends. 64 65# RETURN VALUE 66 67Returns CURLE_OK if OCSP stapling is supported by the SSL backend, otherwise 68returns CURLE_NOT_BUILT_IN. 69