cURL / Mailing Lists / curl-library / Single Mail


SSL Client authentication

From: Eric Rautman <>
Date: Tue, 17 Apr 2001 16:09:56 -0400 (EDT)

A question about client authentication using libcurl's
curl_easy_setopt(curl, CURLOPT_SSLCERT, crtfile) function.

the documentation mentions that 'crtfile' must contain the concatenation of
the private key and the cert itself.

Does this concatenated file need to be stored at the server? If so, isn't
this a serious security risk? I thought the idea behind asymmetric
encryption was to keep the private key at the host, not distribute it with
the cert.

Or is the cert stored at the server without the private key concat'ed? Does
libcurl send this concat'ed file to the server at client authentication
time, or just the cert itself?


FREE! The World's Best Email Address
Reserve your name now at

Curl-library mailing list
Received on 2001-04-17