cURL is a computer software project providing a library and command-line tool for transferring data using various protocols. The cURL project produces two products, libcurl and cURL. It was first released in 1997.

The name stands for "Client URL". The original author and lead developer is the Swedish developer Daniel Stenberg.


libcurl is a free client-side URL transfer library, supporting cookies, DICT, FTP, FTPS, Gopher, HTTP (with HTTP/2 support), HTTP POST, HTTP PUT, HTTP proxy tunneling, HTTPS, IMAP, Kerberos, LDAP, POP3, RTSP, SCP, and SMTP. The library supports the file URI scheme, SFTP, Telnet, TFTP, file transfer resume, FTP uploading, HTTP form-based upload, HTTPS certificates, LDAPS, proxies, and user-plus-password authentication.

The libcurl library is portable. It builds and works identically on many platforms, including AIX, AmigaOS, Android, BeOS, BlackBerry Tablet OS and BlackBerry 10, OpenVMS, Darwin, DOS, FreeBSD, HP-UX, HURD, iOS, IRIX, Linux, macOS, NetBSD, NetWare, OpenBSD, OS/2, QNX Neutrino, RISC OS, Solaris, Symbian, Tru64, Ultrix, UnixWare, and Windows. The libcurl library is free, thread-safe and IPv6 compatible. Bindings are available for more than 40 languages, including C/C++, Java, PHP and Python. The libcurl library can support axTLS, GnuTLS, mbed TLS, NSS, QSOSSL on IBM i, SChannel on Windows, Secure Transport on macOS and iOS, SSL/TLS through OpenSSL, and wolfSSL.


cURL is a command-line tool for getting or sending files using URL syntax. Since cURL uses libcurl, it supports a range of common Internet protocols, currently including HTTP, HTTPS, FTP, FTPS, SCP, SFTP, TFTP, LDAP, DAP, DICT, TELNET, FILE, IMAP, POP3, SMTP and RTSP (the last four only in versions newer than 7.20.0 or 9 February 2010).

cURL supports HTTPS and performs SSL certificate verification by default when a secure protocol is specified such as HTTPS. When cURL connects to a remote server via HTTPS, it will first obtain the remote server certificate and check against its CA certificate store the validity of the remote server to ensure the remote server is the one it claims to be. Some cURL packages have bundled with CA certificate store file. There are several options to specify CA certificate such as --cacert and --capath. The --cacert option can be used to specify the location of the CA certificate store file. In the Windows platform, if a CA certificate file is not specified, cURL will look for a CA certificate file name “curl-ca-bundle.crt” in the following order:

1. Directory where the cURL program is located.

2. Current working directory.

3. Windows system directory.

4. Windows directory.

5. Directories specified in the %PATH% environment variables.

cURL will return an error message if the remote server is using a self-signed certificate, or if the remote server certificate is not signed by a CA listed in the CA cert file. -k or --insecure option can be used to skip certificate verification. Alternatively, if the remote server is trusted, the remote server CA certificate can be added to the CA certificate store file.




Further reading


Documentaries, videos and podcasts



Golden logo
Text is available under the Creative Commons Attribution-ShareAlike 4.0; additional terms apply. By using this site, you agree to our Terms & Conditions.