| xf.li | 6c8fc1e | 2023-08-12 00:11:09 -0700 | [diff] [blame] | 1 | c: Copyright (C) 1998 - 2022, Daniel Stenberg, <daniel@haxx.se>, et al. |
| 2 | SPDX-License-Identifier: curl |
| 3 | Long: proxy-pinnedpubkey |
| 4 | Arg: <hashes> |
| 5 | Help: FILE/HASHES public key to verify proxy with |
| 6 | Protocols: TLS |
| 7 | Category: proxy tls |
| 8 | Example: --proxy-pinnedpubkey keyfile $URL |
| 9 | Example: --proxy-pinnedpubkey 'sha256//ce118b51897f4452dc' $URL |
| 10 | Added: 7.59.0 |
| 11 | See-also: pinnedpubkey proxy |
| 12 | Multi: single |
| 13 | --- |
| 14 | Tells curl to use the specified public key file (or hashes) to verify the |
| 15 | proxy. This can be a path to a file which contains a single public key in PEM |
| 16 | or DER format, or any number of base64 encoded sha256 hashes preceded by |
| 17 | 'sha256//' and separated by ';'. |
| 18 | |
| 19 | When negotiating a TLS or SSL connection, the server sends a certificate |
| 20 | indicating its identity. A public key is extracted from this certificate and |
| 21 | if it does not exactly match the public key provided to this option, curl will |
| 22 | abort the connection before sending or receiving any data. |