path: root/docs/cmdline-opts/sigalgs.md
---
c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
SPDX-License-Identifier: curl
Long: sigalgs
Arg: <list>
Help: TLS signature algorithms to use
Protocols: TLS
Added: 8.14.0
Category: tls
Multi: single
See-also:
  - ciphers
Example:
  - --sigalgs ecdsa_secp256r1_sha256 $URL
---

# `--sigalgs`

Set specific signature algorithms to use during SSL session establishment according to RFC
5246, 7.4.1.4.1.

An algorithm can be specified either as a signature algorithm and hash algorithm pair
separated by a `+` (e.g. `ECDSA+SHA224`), or by its TLS 1.3 signature scheme name
(e.g. `ed25519`).

Multiple algorithms can be provided by separating them with `:`
(e.g. `DSA+SHA256:rsa_pss_pss_sha256`). The parameter is available as `-sigalgs` in the
OpenSSL `s_client` and `s_server` utilities.

`--sigalgs` allows an OpenSSL-powered curl to make SSL connections with exactly
the signature algorithms requested by the client, avoiding nontransparent client/server
negotiations.

If this option is set, the default signature algorithm list built into OpenSSL is ignored.
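
Because the list replaces OpenSSL's defaults outright, it is worth checking before it goes on a command line. The following is an added example, not part of curl or its documentation: `lint_sigalgs` is a hypothetical helper that splits a list on `:`, classifies each entry as a `+` pair or a scheme name as described above, and rejects malformed entries. Treating MD5 and SHA-1 entries as weak is an assumed policy, and the sample list is constructed.

```shell
#!/bin/sh
# Added example: lint a --sigalgs list before passing it to curl.
# lint_sigalgs is a hypothetical helper, not part of curl or OpenSSL.
# It prints one "<kind> <entry>" line per list entry, where kind is:
#   pair    SIG+HASH form, e.g. ECDSA+SHA224
#   scheme  TLS 1.3 signature scheme name, e.g. ed25519
#   weak    well-formed, but hashes with MD5 or SHA-1 (assumed policy)
#   bad     malformed: empty entry, stray '+', or unexpected character
# Returns 0 only when no entry is weak or bad. It checks syntax only;
# whether OpenSSL knows a given name is decided by OpenSSL at run time.
lint_sigalgs() {
    list=$1
    rc=0
    # A leading, trailing or doubled ':' (or an empty list) means an empty entry.
    case $list in
        ''|:*|*:|*::*) echo "bad <empty>"; rc=1 ;;
    esac
    old_ifs=$IFS
    IFS=:
    set -f                      # do not glob-expand entries while splitting
    for entry in $list; do
        [ -n "$entry" ] || continue
        case $entry in
            *[!A-Za-z0-9_+]*|+*|*+|*+*+*) kind=bad ;;
            *+*) kind=pair ;;
            *)   kind=scheme ;;
        esac
        # Names are compared case-insensitively for the weak-hash check.
        lower=$(printf '%s' "$entry" | tr 'A-Z' 'a-z')
        case $kind:$lower in
            pair:*+md5|pair:*+sha1|scheme:*_sha1) kind=weak ;;
        esac
        [ "$kind" = pair ] || [ "$kind" = scheme ] || rc=1
        echo "$kind $entry"
    done
    set +f
    IFS=$old_ifs
    return $rc
}

# Constructed sample input: the list from the text plus one SHA-1 entry.
lint_sigalgs 'DSA+SHA256:rsa_pss_pss_sha256:RSA+SHA1' || echo "list rejected"
```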