curl plugin for
libstrongswan allows to fetch CRLs and exchange OCSP
messages using the
libcurl library based on
The plugin is disabled by default and can be enabled with the
curl plugin can fetch data via HTTPS if
libcurl has been built with a
To use the TLS backend in a multi-threaded environment, that backend must be
explicitly initialized before use. The
curl plugin does not do that by itself,
but relies on the appropriate strongSwan crypto plugin for doing so. This implies
that a corresponding strongSwan crypto plugin is required which matches the TLS
libcurluses OpenSSL as a backend, then
--enable-opensslis required when building strongSwan in order to support fetching via HTTPS.
libcurluses GnuTLS as a backend,
--enable-gcryptis needed to fetch via HTTPS.
For an NSS-based
libcurlTLS backend, no dependency in strongSwan that is able to initialize fetching via HTTPS.