blob: 3e07c8ed10247be4f5ac9cdfe9d6d8d011185ce9 [file] [log] [blame]
xf.li6c8fc1e2023-08-12 00:11:09 -07001c: Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al.
2SPDX-License-Identifier: curl
3Long: key
4Arg: <key>
5Protocols: TLS SSH
6Help: Private key file name
7Category: tls ssh
8Example: --cert certificate --key here $URL
9Added: 7.9.3
10See-also: key-type cert
11Multi: single
12---
13Private key file name. Allows you to provide your private key in this separate
14file. For SSH, if not specified, curl tries the following candidates in order:
15'~/.ssh/id_rsa', '~/.ssh/id_dsa', './id_rsa', './id_dsa'.
16
17If curl is built against OpenSSL library, and the engine pkcs11 is available,
18then a PKCS#11 URI (RFC 7512) can be used to specify a private key located in a
19PKCS#11 device. A string beginning with "pkcs11:" will be interpreted as a
20PKCS#11 URI. If a PKCS#11 URI is provided, then the --engine option will be set
21as "pkcs11" if none was provided and the --key-type option will be set as
22"ENG" if none was provided.
23
24If curl is built against Secure Transport or Schannel then this option is
25ignored for TLS protocols (HTTPS, etc). Those backends expect the private key
26to be already present in the keychain or PKCS#12 file containing the
27certificate.