curl-w32/docs/cmdline-opts/cert-status.md

---
c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
SPDX-License-Identifier: curl
Long: cert-status
Protocols: TLS
Added: 7.41.0
Help: Verify the status of the server cert via OCSP-staple
Category: tls
Multi: boolean
See-also:
  - pinnedpubkey
Example:
  - --cert-status $URL
---

# `--cert-status`

Tells curl to verify the status of the server certificate by using the
Certificate Status Request (aka. OCSP stapling) TLS extension.

If this option is enabled and the server sends an invalid (e.g. expired)
response, if the response suggests that the server certificate has been
revoked, or no response at all is received, the verification fails.

This is currently only implemented in the OpenSSL and GnuTLS backends.
Import from curl-8.6.0.zip Upstream: https://github.com/curl/curl/releases/tag/curl-8_6_0 2024-03-02 03:51:05 +00:00			`---`
			`c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.`
			`SPDX-License-Identifier: curl`
			`Long: cert-status`
			`Protocols: TLS`
			`Added: 7.41.0`
			`Help: Verify the status of the server cert via OCSP-staple`
			`Category: tls`
			`Multi: boolean`
			`See-also:`
			`- pinnedpubkey`
			`Example:`
			`- --cert-status $URL`
			`---`

			# `--cert-status`

			`Tells curl to verify the status of the server certificate by using the`
			`Certificate Status Request (aka. OCSP stapling) TLS extension.`

			`If this option is enabled and the server sends an invalid (e.g. expired)`
			`response, if the response suggests that the server certificate has been`
			`revoked, or no response at all is received, the verification fails.`

			`This is currently only implemented in the OpenSSL and GnuTLS backends.`