CURLcode curl_easy_setopt(CURL *handle, CURLOPT_SSL_CIPHER_LIST, char *list);
For OpenSSL and GnuTLS valid examples of cipher lists include 'RC4-SHA', 'SHA1+DES', 'TLSv1' and 'DEFAULT'. The default list is normally set when you compile OpenSSL.
You'll find more details about cipher lists on this URL:
https://curl.se/docs/ssl-ciphers.html
For NSS, valid examples of cipher lists include 'rsa_rc4_128_md5', 'rsa_aes_128_sha', etc. With NSS you don't add/remove ciphers. If one uses this option then all known ciphers are disabled and only those passed in are enabled.
For WolfSSL, valid examples of cipher lists include 'ECDHE-RSA-RC4-SHA', 'AES256-SHA:AES256-SHA256', etc.
The application does not have to keep the string around after setting this option.
CURL *curl = curl_easy_init(); if(curl) { curl_easy_setopt(curl, CURLOPT_URL, "https://example.com/"); curl_easy_setopt(curl, CURLOPT_SSL_CIPHER_LIST, "TLSv1"); ret = curl_easy_perform(curl); curl_easy_cleanup(curl); }