docs: note CURLOPT_PINNEDPUBLICKEY has no effect on legacy LDAP backend

author Joshua Rogers <MegaManSec@users.noreply.github.com>

Tue, 19 May 2026 21:14:01 +0000 (23:14 +0200)

committer Daniel Stenberg <daniel@haxx.se>

Thu, 21 May 2026 06:08:25 +0000 (08:08 +0200)
author Joshua Rogers <MegaManSec@users.noreply.github.com>
Tue, 19 May 2026 21:14:01 +0000 (23:14 +0200)
committer Daniel Stenberg <daniel@haxx.se>
Thu, 21 May 2026 06:08:25 +0000 (08:08 +0200)
diff --git a/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.md b/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.md

index 0590143c906bdb1394fd710755de5525449a03f6..82dd1626d140ee4c3c6a1a61a1b8eea3cab257d5 100644 (file)
--- a/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.md
+++ b/docs/libcurl/opts/CURLOPT_PINNEDPUBLICKEY.md
@@ -53,6 +53,11 @@ On mismatch, *CURLE_SSL_PINNEDPUBKEYNOTMATCH* is returned.
  The application does not have to keep the string around after setting this
  option.
  
+This option has no effect on LDAP connections when libcurl uses the legacy LDAP
+backend. That backend manages TLS independently of curl's TLS layer. When
+libcurl is built with USE_OPENLDAP, the OpenLDAP backend routes TLS through
+curl's layer and this option is honored.
+
  # DEFAULT
  
  NULL
author	Joshua Rogers <MegaManSec@users.noreply.github.com>
	Tue, 19 May 2026 21:14:01 +0000 (23:14 +0200)
committer	Daniel Stenberg <daniel@haxx.se>
	Thu, 21 May 2026 06:08:25 +0000 (08:08 +0200)