1--- 2c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. 3SPDX-License-Identifier: curl 4Long: cert-status 5Protocols: TLS 6Added: 7.41.0 7Help: Verify the status of the server cert via OCSP-staple 8Category: tls 9Multi: boolean 10See-also: 11 - pinnedpubkey 12Example: 13 - --cert-status $URL 14--- 15 16# `--cert-status` 17 18Tells curl to verify the status of the server certificate by using the 19Certificate Status Request (aka. OCSP stapling) TLS extension. 20 21If this option is enabled and the server sends an invalid (e.g. expired) 22response, if the response suggests that the server certificate has been 23revoked, or no response at all is received, the verification fails. 24 25This is currently only implemented in the OpenSSL and GnuTLS backends. 26