xf.li | 6c8fc1e | 2023-08-12 00:11:09 -0700 | [diff] [blame^] | 1 | c: Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al. |
| 2 | SPDX-License-Identifier: curl |
| 3 | Long: key |
| 4 | Arg: <key> |
| 5 | Protocols: TLS SSH |
| 6 | Help: Private key file name |
| 7 | Category: tls ssh |
| 8 | Example: --cert certificate --key here $URL |
| 9 | Added: 7.9.3 |
| 10 | See-also: key-type cert |
| 11 | Multi: single |
| 12 | --- |
| 13 | Private key file name. Allows you to provide your private key in this separate |
| 14 | file. For SSH, if not specified, curl tries the following candidates in order: |
| 15 | '~/.ssh/id_rsa', '~/.ssh/id_dsa', './id_rsa', './id_dsa'. |
| 16 | |
| 17 | If curl is built against OpenSSL library, and the engine pkcs11 is available, |
| 18 | then a PKCS#11 URI (RFC 7512) can be used to specify a private key located in a |
| 19 | PKCS#11 device. A string beginning with "pkcs11:" will be interpreted as a |
| 20 | PKCS#11 URI. If a PKCS#11 URI is provided, then the --engine option will be set |
| 21 | as "pkcs11" if none was provided and the --key-type option will be set as |
| 22 | "ENG" if none was provided. |
| 23 | |
| 24 | If curl is built against Secure Transport or Schannel then this option is |
| 25 | ignored for TLS protocols (HTTPS, etc). Those backends expect the private key |
| 26 | to be already present in the keychain or PKCS#12 file containing the |
| 27 | certificate. |