linux
link_irk, 2015-09-16 04:23:24

How to configure curl so that it supports GOST encryption?

Hello. I am developing a service in PHP for integration with the public services portal using the SOAP protocol. They require that the connection be secure and encrypted according to GOST. Available:
- Ubuntu 15.04
- OpenSSL 1.0.1f with GOST encryption enabled.
- curl 7.45.0-DEV (libcurl/7.37.1 OpenSSL/1.0.1f zlib/1.2.8 libidn/1.28 librtmp/2.3)
According to the instructions, I generated a CryptoPRO test certificate and sent it to them. OpenSSL connects fine.

openssl s_client -connect address.ru:443 -CAfile '/home/ipc/cert/cacert.pem' -cert '/home/ipc/cert/certificate.pem' -key '/home/ipc/cert/private.pem'

But curl fails to establish a secure connection:
curl --engine gost address.ru:443 --cert '/home/ipc/cert/certificate.pem' --key '/home/ipc/cert/private.pem' --ciphers TLSv1 --cacert '/home/ipc/cert/cacert.pem'
gives the error "curl: (51) SSL: couldn't get peer certificate!"
I started analyzing the traffic with Wireshark and noticed that there are no GOSTs in the list of ciphers that curl sends in the Client Hello packet, but there are in OpenSSL's. I found information on the Internet that for some time curl has been using the NSS cryptographic provider instead of OpenSSL. I rebuilt curl without NSS support and with OpenSSL support, but it didn't help. That is, curl does not transmit GOSTs in the list of supported ciphers. Tell me, how can I make curl work with GOST ciphers?


2 answer(s)
kazatchkoff, 2015-09-16
@link_irk

CryptoPRO has a ready-made cprocsp-curl package included in the CryptoPRO CSP for linux.

link_irk, 2015-09-16
@link_irk

With CryptoPRO, too, not everything is so smooth. Is it necessary to install certificates in the CryptoPro container, or can I also pass them as parameters when calling curl? Is it possible to make curl work through openssl? Because there are no problems with openssl at all. Thanks
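
An added example, not part of the original thread: a shell check that parses the first line of `curl -V`, such as the one quoted in the question, and reports whether the curl tool and the libcurl it loaded at run time come from the same build, and which TLS backend that libcurl uses. The function names are made up for this example, and the sample line is the version string from the question.

```shell
#!/bin/sh
# Added example: parse the first line of `curl -V` to see which libcurl and
# TLS backend the curl binary actually loaded at run time.

# Constructed sample: the version line quoted in the question.
SAMPLE='curl 7.45.0-DEV (libcurl/7.37.1 OpenSSL/1.0.1f zlib/1.2.8 libidn/1.28 librtmp/2.3)'

# Print the curl tool version (second field of the line).
tool_version() {
    printf '%s\n' "$1" | awk '{print $2}'
}

# Print the version of a NAME/VERSION component (libcurl, OpenSSL, NSS, ...).
# Prints nothing when the component is not listed.
component_version() {
    printf '%s\n' "$1" | tr ' ()' '\n\n\n' |
        awk -F/ -v c="$2" '$1 == c {print $2; exit}'
}

# Print the TLS backend libcurl reports, or "unknown".
tls_backend() {
    for name in OpenSSL NSS GnuTLS; do
        if [ -n "$(component_version "$1" "$name")" ]; then
            printf '%s\n' "$name"
            return 0
        fi
    done
    printf 'unknown\n'
}

# "match": tool and loaded libcurl are the same build.
# "mismatch": the binary is running against a different libcurl, so the
# TLS backend in use is the one that other library was built with.
check_curl() {
    tool=$(tool_version "$1")
    lib=$(component_version "$1" libcurl)
    tls=$(tls_backend "$1")
    if [ "$tool" = "$lib" ]; then state=match; else state=mismatch; fi
    printf '%s tool=%s libcurl=%s tls=%s\n' "$state" "$tool" "$lib" "$tls"
}

check_curl "$SAMPLE"
# For the installed binary: check_curl "$(curl -V | head -n 1)"
```

On a mismatch, `ldd "$(command -v curl)"` shows which libcurl shared object the binary resolves to.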
