Site Navigation

FreeBSD Manual Pages

   man apropos
 
   All Sections 1 - General Commands 2 - System Calls 3 - Subroutines 4 - Special Files 5 - File Formats 6 - Games 7 - Macros and Conventions 8 - Maintenance Commands 9 - Kernel Interface n - New Commands FreeBSD 16.0-CURRENT FreeBSD 15.0-STABLE FreeBSD 14.3-RELEASE FreeBSD 14.3-RELEASE and Ports FreeBSD 14.3-STABLE FreeBSD 14.2-RELEASE FreeBSD 14.2-RELEASE and Ports FreeBSD 14.1-RELEASE FreeBSD 14.1-RELEASE and Ports FreeBSD 14.0-RELEASE FreeBSD 14.0-RELEASE and Ports FreeBSD 13.5-RELEASE FreeBSD 13.5-RELEASE and Ports FreeBSD 13.5-STABLE FreeBSD 13.4-RELEASE FreeBSD 13.4-RELEASE and Ports FreeBSD 13.3-RELEASE FreeBSD 13.3-RELEASE and Ports FreeBSD 13.2-RELEASE FreeBSD 13.2-RELEASE and Ports FreeBSD 13.1-RELEASE FreeBSD 13.1-RELEASE and Ports FreeBSD 13.0-RELEASE FreeBSD 13.0-RELEASE and Ports FreeBSD 12.4-RELEASE FreeBSD 12.4-RELEASE and Ports FreeBSD 12.3-RELEASE FreeBSD 12.3-RELEASE and Ports FreeBSD 12.2-RELEASE FreeBSD 12.2-RELEASE and Ports FreeBSD 12.1-RELEASE FreeBSD 12.1-RELEASE and Ports FreeBSD 12.0-RELEASE FreeBSD 12.0-RELEASE and Ports FreeBSD 11.4-RELEASE FreeBSD 11.4-RELEASE and Ports FreeBSD 11.3-RELEASE FreeBSD 11.3-RELEASE and Ports FreeBSD 11.2-RELEASE FreeBSD 11.2-RELEASE and Ports FreeBSD 11.1-RELEASE FreeBSD 11.1-RELEASE and Ports FreeBSD 11.0-RELEASE FreeBSD 11.0-RELEASE and Ports FreeBSD 10.4-RELEASE FreeBSD 10.4-RELEASE and Ports FreeBSD 10.3-RELEASE FreeBSD 10.3-RELEASE and Ports FreeBSD 10.2-RELEASE FreeBSD 10.2-RELEASE and Ports FreeBSD 10.1-RELEASE FreeBSD 10.1-RELEASE and Ports FreeBSD 10.0-RELEASE FreeBSD 10.0-RELEASE and Ports FreeBSD 9.3-RELEASE FreeBSD 9.3-RELEASE and Ports FreeBSD 9.2-RELEASE FreeBSD 9.2-RELEASE and Ports FreeBSD 9.1-RELEASE FreeBSD 9.1-RELEASE and Ports FreeBSD 9.0-RELEASE FreeBSD 9.0-RELEASE and Ports FreeBSD 8.4-RELEASE FreeBSD 8.4-RELEASE and Ports FreeBSD 8.3-RELEASE FreeBSD 8.3-RELEASE and Ports FreeBSD 8.2-RELEASE FreeBSD 8.2-RELEASE and Ports FreeBSD 8.1-RELEASE FreeBSD 8.1-RELEASE and Ports FreeBSD 8.0-RELEASE FreeBSD 8.0-RELEASE and Ports FreeBSD 7.4-RELEASE FreeBSD 7.4-RELEASE and Ports FreeBSD 7.3-RELEASE FreeBSD 7.3-RELEASE and Ports FreeBSD 7.2-RELEASE FreeBSD 7.2-RELEASE and Ports FreeBSD 7.1-RELEASE FreeBSD 7.1-RELEASE and Ports FreeBSD 7.0-RELEASE FreeBSD 6.4-RELEASE FreeBSD 6.4-RELEASE and Ports FreeBSD 6.3-RELEASE FreeBSD 6.3-RELEASE and Ports FreeBSD 6.2-RELEASE FreeBSD 6.1-RELEASE FreeBSD 6.0-RELEASE FreeBSD 6.0-RELEASE and Ports FreeBSD 5.5-RELEASE FreeBSD 5.5-RELEASE and Ports FreeBSD 5.4-RELEASE FreeBSD 5.4-RELEASE and Ports FreeBSD 5.3-RELEASE FreeBSD 5.3-RELEASE and Ports FreeBSD 5.2.1-RELEASE FreeBSD 5.2.1-RELEASE and Ports FreeBSD 5.2-RELEASE FreeBSD 5.2-RELEASE and Ports FreeBSD 5.1-RELEASE FreeBSD 5.0-RELEASE FreeBSD 4.11-RELEASE FreeBSD 4.11-RELEASE and Ports FreeBSD 4.10-RELEASE FreeBSD 4.10-RELEASE and Ports FreeBSD 4.9-RELEASE FreeBSD 4.9-RELEASE and Ports FreeBSD 4.8-RELEASE FreeBSD 4.8-RELEASE and Ports FreeBSD 4.7-RELEASE FreeBSD 4.6.2-RELEASE FreeBSD 4.6.2-RELEASE and Ports FreeBSD 4.6-RELEASE FreeBSD 4.6-RELEASE and Ports FreeBSD 4.5-RELEASE FreeBSD 4.5-RELEASE and Ports FreeBSD 4.4-RELEASE FreeBSD 4.3-RELEASE FreeBSD 4.3-RELEASE and Ports FreeBSD 4.2-RELEASE FreeBSD 4.2-RELEASE and Ports FreeBSD 4.1.1-RELEASE FreeBSD 4.1.1-RELEASE and Ports FreeBSD 4.1-RELEASE FreeBSD 4.0-RELEASE FreeBSD 3.5.1-RELEASE FreeBSD 3.5.1-RELEASE and Ports FreeBSD 3.5-RELEASE and Ports FreeBSD 3.4-RELEASE FreeBSD 3.4-RELEASE and Ports FreeBSD 3.3-RELEASE FreeBSD 3.2-RELEASE FreeBSD 3.1-RELEASE FreeBSD 3.0-RELEASE FreeBSD 2.2.8-RELEASE FreeBSD 2.2.8-RELEASE and Ports FreeBSD 2.2.7-RELEASE FreeBSD 2.2.6-RELEASE FreeBSD 2.2.5-RELEASE FreeBSD 2.2.2-RELEASE FreeBSD 2.2.1-RELEASE FreeBSD 2.1.7.1-RELEASE FreeBSD 2.1.6.1-RELEASE FreeBSD 2.1.5-RELEASE FreeBSD 2.1.0-RELEASE FreeBSD 2.0.5-RELEASE FreeBSD 2.0-RELEASE FreeBSD 1.1.5.1-RELEASE FreeBSD 1.1-RELEASE FreeBSD 1.0-RELEASE FreeBSD Ports 14.3 FreeBSD Ports 14.3.quarterly FreeBSD Ports 14.2 FreeBSD Ports 14.1 FreeBSD Ports 14.0 FreeBSD Ports 13.5 FreeBSD Ports 13.4 FreeBSD Ports 13.3 FreeBSD Ports 13.2 FreeBSD Ports 13.1 FreeBSD Ports 13.0 FreeBSD Ports 12.4 FreeBSD Ports 12.3 FreeBSD Ports 12.2 FreeBSD Ports 12.1 FreeBSD Ports 12.0 FreeBSD Ports 11.4 FreeBSD Ports 11.3 FreeBSD Ports 11.2 FreeBSD Ports 11.1 FreeBSD Ports 11.0 FreeBSD Ports 10.4 FreeBSD Ports 10.3 FreeBSD Ports 10.2 FreeBSD Ports 10.1 FreeBSD Ports 10.0 FreeBSD Ports 9.3 FreeBSD Ports 9.2 FreeBSD Ports 9.1 FreeBSD Ports 9.0 FreeBSD Ports 8.4 FreeBSD Ports 8.3 FreeBSD Ports 8.2 FreeBSD Ports 8.1 FreeBSD Ports 8.0 FreeBSD Ports 7.4 FreeBSD Ports 7.3 FreeBSD Ports 7.2 FreeBSD Ports 7.1 FreeBSD Ports 7.0 FreeBSD Ports 6.4 FreeBSD Ports 6.3 FreeBSD Ports 6.2 FreeBSD Ports 6.0 FreeBSD Ports 5.5 FreeBSD Ports 5.4 FreeBSD Ports 5.3 FreeBSD Ports 5.2.1 FreeBSD Ports 5.2 FreeBSD Ports 5.1 FreeBSD Ports 4.11 FreeBSD Ports 4.10 FreeBSD Ports 4.9 FreeBSD Ports 4.8 FreeBSD Ports 4.7 FreeBSD Ports 4.6.2 FreeBSD Ports 4.6 FreeBSD Ports 4.5 FreeBSD Ports 4.3 FreeBSD Ports 4.2 FreeBSD Ports 4.1.1 FreeBSD Ports 3.5.1 FreeBSD Ports 3.5 FreeBSD Ports 3.4 FreeBSD Ports 2.2.8 4.4BSD Lite2 4.3BSD NET/2 4.3BSD Reno 2.11 BSD 2.10 BSD 2.9.1 BSD 2.8 BSD 386BSD 0.1 386BSD 0.0 CentOS 7.9 CentOS 7.8 CentOS 7.7 CentOS 7.6 CentOS 7.5 CentOS 7.4 CentOS 7.3 CentOS 7.2 CentOS 7.1 CentOS 7.0 CentOS 6.10 CentOS 6.9 CentOS 6.8 CentOS 6.7 CentOS 6.6 CentOS 6.5 CentOS 6.4 CentOS 6.3 CentOS 6.2 CentOS 6.1 CentOS 6.0 CentOS 5.11 CentOS 5.10 CentOS 5.9 CentOS 5.8 CentOS 5.7 CentOS 5.6 CentOS 5.5 CentOS 5.4 CentOS 4.8 CentOS 3.9 Darwin 8.0.1/ppc Darwin 7.0.1 Darwin 6.0.2/x86 Darwin 1.4.1/x86 Darwin 1.3.1/x86 Debian 14.0 unstable Debian 13.1.0 Debian 12.11.0 Debian 11.11.0 Debian 10.13.0 Debian 9.13.0 Debian 8.11.1 Debian 7.11.0 Debian 6.0.10 Debian 5.0.10 Debian 4.0.9 Debian 3.1.8 Debian 2.2.7 Debian 2.0.0 Dell UNIX SVR4 2.2 DragonFly 6.4.0 DragonFly 5.8.3 DragonFly 4.8.1 DragonFly 3.8.2 DragonFly 2.10.1 DragonFly 1.12.1 DragonFly 1.0A HP-UX 11.22 HP-UX 11.20 HP-UX 11.11 HP-UX 11.00 HP-UX 10.20 HP-UX 10.10 HP-UX 10.01 HP-UX 9.07 HP-UX 8.07 Inferno 4th Edition IRIX 6.5.30 Linux Slackware 3.1 MACH 2.5/i386 macOS 26.0 macOS 15.7 macOS 14.8 macOS 13.6.5 macOS 12.7.3 macOS 11.1 macOS 10.15.0 macOS 10.13.6 macOS 10.12.0 Minix 3.3.0 Minix 3.2.1 Minix 3.2.0 Minix 3.1.7 Minix 3.1.6 Minix 3.1.5 Minix 2.0.0 NetBSD 10.1 NetBSD 10.0 NetBSD 9.4 NetBSD 9.3 NetBSD 9.2 NetBSD 9.1 NetBSD 9.0 NetBSD 8.2 NetBSD 8.1 NetBSD 8.0 NetBSD 7.1 NetBSD 7.0 NetBSD 6.1.5 NetBSD 6.0 NetBSD 5.1 NetBSD 5.0 NetBSD 4.0.1 NetBSD 4.0 NetBSD 3.1 NetBSD 3.0 NetBSD 2.1 NetBSD 2.0.2 NetBSD 2.0 NetBSD 1.6.2 NetBSD 1.6.1 NetBSD 1.6 NetBSD 1.5.3 NetBSD 1.5.2 NetBSD 1.5.1 NetBSD 1.5 NetBSD 1.4.3 NetBSD 1.4.2 NetBSD 1.4.1 NetBSD 1.4 NetBSD 1.3.3 NetBSD 1.3.2 NetBSD 1.3.1 NetBSD 1.3 NetBSD 1.2.1 NetBSD 1.2 NetBSD 1.1 NetBSD 1.0 NeXTSTEP 3.3 OpenBSD 7.7 OpenBSD 7.6 OpenBSD 7.5 OpenBSD 7.4 OpenBSD 7.3 OpenBSD 7.2 OpenBSD 7.1 OpenBSD 7.0 OpenBSD 6.9 OpenBSD 6.8 OpenBSD 6.7 OpenBSD 6.6 OpenBSD 6.5 OpenBSD 6.4 OpenBSD 6.3 OpenBSD 6.2 OpenBSD 6.1 OpenBSD 6.0 OpenBSD 5.9 OpenBSD 5.8 OpenBSD 5.7 OpenBSD 5.6 OpenBSD 5.5 OpenBSD 5.4 OpenBSD 5.3 OpenBSD 5.2 OpenBSD 5.1 OpenBSD 5.0 OpenBSD 4.9 OpenBSD 4.8 OpenBSD 4.7 OpenBSD 4.6 OpenBSD 4.5 OpenBSD 4.4 OpenBSD 4.3 OpenBSD 4.2 OpenBSD 4.1 OpenBSD 4.0 OpenBSD 3.9 OpenBSD 3.8 OpenBSD 3.7 OpenBSD 3.6 OpenBSD 3.5 OpenBSD 3.4 OpenBSD 3.3 OpenBSD 3.2 OpenBSD 3.1 OpenBSD 3.0 OpenBSD 2.9 OpenBSD 2.8 OpenBSD 2.7 OpenBSD 2.6 OpenBSD 2.5 OpenBSD 2.4 OpenBSD 2.3 OpenBSD 2.2 OpenBSD 2.1 OpenBSD 2.0 OpenDarwin 7.2.1 OpenDarwin 6.6.2/x86 OpenDarwin 6.6.1/x86 OpenDarwin 20030208pre4/ppc OpenIndiana 2024.10 OpenIndiana 2022.10 OpenIndiana 2020.10 OpenIndiana 2017.10 OpenIndiana 2015.10 OpenIndiana 2013.08 OpenSolaris 2010.03 OpenSolaris 2009.06 OpenStep 4.2 openSUSE 42.3 openSUSE 42.2 openSUSE 42.1 openSUSE 16.0 openSUSE 15.6 openSUSE 15.5 openSUSE 15.4 openSUSE 15.3 openSUSE 15.2 openSUSE 15.1 openSUSE 15.0 openSUSE 13.2 openSUSE 13.1 openSUSE 11.4 openSUSE 11.3 openSUSE 11.2 openSUSE 10.3 openSUSE 10.2 OSF1 V5.1/alpha OSF1 V4.0/alpha OSF1 V1.0/mips Plan 9 Red Hat 9.0 Red Hat 8.0 Red Hat 7.3 Red Hat 7.2 Red Hat 7.1 Red Hat 7.0 Red Hat 6.2 Red Hat 6.1 Red Hat 5.2 Red Hat 5.0 Red Hat 4.2 Rhapsody DR1 Rhapsody DR2 Rocky 10.0 Rocky 9.6 Rocky 9.5 Rocky 9.4 Rocky 9.3 Rocky 9.2 Rocky 9.1 Rocky 9.0 Rocky 8.10 Rocky 8.9 Rocky 8.8 Rocky 8.7 Rocky 8.6 Rocky 8.5 Rocky 8.4 Rocky 8.3 Sun UNIX 0.4 SunOS 5.10 SunOS 5.9 SunOS 5.8 SunOS 5.7 SunOS 5.6 SunOS 5.5.1 SunOS 4.1.3 SuSE 11.3 SuSE 11.2 SuSE 11.1 SuSE 11.0 SuSE 10.3 SuSE 10.2 SuSE 10.1 SuSE 10.0 SuSE 9.3 SuSE 9.2 SuSE 8.2 SuSE 8.1 SuSE 8.0 SuSE 7.3 SuSE 7.2 SuSE 7.1 SuSE 7.0 SuSE 6.4 SuSE 6.3 SuSE 6.1 SuSE 6.0 SuSE 5.3 SuSE 5.2 SuSE 5.0 SuSE 4.3 SuSE ES 10 SP1 Ubuntu 24.04 noble Ubuntu 23.10 mantic Ubuntu 22.04 jammy Ubuntu 20.04 focal Ubuntu 18.04 bionic Ubuntu 16.04 xenial Ubuntu 14.04 trusty ULTRIX 4.2 Ultrix-32 2.0/VAX Unix Seventh Edition X11R7.4 X11R7.3.2 X11R7.2 X11R6.9.0 X11R6.8.2 X11R6.7.0 XFree86 4.8.0 XFree86 4.7.0 XFree86 4.6.0 XFree86 4.5.0 XFree86 4.4.0 XFree86 4.3.0 XFree86 4.2.99.3 XFree86 4.2.0 XFree86 4.1.0 XFree86 4.0.2 XFree86 4.0.1 XFree86 4.0 XFree86 3.3.6 XFree86 3.3 XFree86 2.1 All Architectures html pdf ascii

home | help

---

hx509_ca(3)		     Heimdal x509 library		   hx509_ca(3)

NAME
       hx509_ca	- hx509	CA functions

SYNOPSIS
   Functions
       int hx509_ca_tbs_init (hx509_context context, hx509_ca_tbs *tbs)
       void hx509_ca_tbs_free (hx509_ca_tbs *tbs)
       int hx509_ca_tbs_set_notBefore (hx509_context context, hx509_ca_tbs
	   tbs,	time_t t)
       int hx509_ca_tbs_set_notAfter (hx509_context context, hx509_ca_tbs tbs,
	   time_t t)
       int hx509_ca_tbs_set_notAfter_lifetime (hx509_context context,
	   hx509_ca_tbs	tbs, time_t delta)
       const struct units * hx509_ca_tbs_template_units	(void)
       int hx509_ca_tbs_set_template (hx509_context context, hx509_ca_tbs tbs,
	   int flags, hx509_cert cert)
       int hx509_ca_tbs_set_ca (hx509_context context, hx509_ca_tbs tbs, int
	   pathLenConstraint)
       int hx509_ca_tbs_set_proxy (hx509_context context, hx509_ca_tbs tbs,
	   int pathLenConstraint)
       int hx509_ca_tbs_set_domaincontroller (hx509_context context,
	   hx509_ca_tbs	tbs)
       int hx509_ca_tbs_set_spki (hx509_context	context, hx509_ca_tbs tbs,
	   const SubjectPublicKeyInfo *spki)
       int hx509_ca_tbs_set_serialnumber (hx509_context	context, hx509_ca_tbs
	   tbs,	const heim_integer *serialNumber)
       int hx509_ca_tbs_add_eku	(hx509_context context,	hx509_ca_tbs tbs,
	   const heim_oid *oid)
       int hx509_ca_tbs_add_crl_dp_uri (hx509_context context, hx509_ca_tbs
	   tbs,	const char *uri, hx509_name issuername)
       int hx509_ca_tbs_add_san_otherName (hx509_context context, hx509_ca_tbs
	   tbs,	const heim_oid *oid, const heim_octet_string *os)
       int hx509_ca_tbs_add_san_pkinit (hx509_context context, hx509_ca_tbs
	   tbs,	const char *principal)
       int hx509_ca_tbs_add_san_ms_upn (hx509_context context, hx509_ca_tbs
	   tbs,	const char *principal)
       int hx509_ca_tbs_add_san_jid (hx509_context context, hx509_ca_tbs tbs,
	   const char *jid)
       int hx509_ca_tbs_add_san_hostname (hx509_context	context, hx509_ca_tbs
	   tbs,	const char *dnsname)
       int hx509_ca_tbs_add_san_rfc822name (hx509_context context,
	   hx509_ca_tbs	tbs, const char	*rfc822Name)
       int hx509_ca_tbs_set_subject (hx509_context context, hx509_ca_tbs tbs,
	   hx509_name subject)
       int hx509_ca_tbs_set_unique (hx509_context context, hx509_ca_tbs	tbs,
	   const heim_bit_string *subjectUniqueID, const heim_bit_string
	   *issuerUniqueID)
       int hx509_ca_tbs_subject_expand (hx509_context context, hx509_ca_tbs
	   tbs,	hx509_env env)
       int hx509_ca_tbs_set_signature_algorithm	(hx509_context context,
	   hx509_ca_tbs	tbs, const AlgorithmIdentifier *sigalg)
       int hx509_ca_sign (hx509_context	context, hx509_ca_tbs tbs, hx509_cert
	   signer, hx509_cert *certificate)
       int hx509_ca_sign_self (hx509_context context, hx509_ca_tbs tbs,
	   hx509_private_key signer, hx509_cert	*certificate)

Detailed Description
       See the Hx509 CA	functions for description and examples.

Function Documentation
   int hx509_ca_sign (hx509_context context, hx509_ca_tbs tbs, hx509_cert
       signer, hx509_cert * certificate)
       Sign a to-be-signed certificate object with a issuer certificate.

       The caller needs	to at least have called	the following functions	on the
       to-be-signed certificate	object:

       • hx509_ca_tbs_init()

       • hx509_ca_tbs_set_subject()

       • hx509_ca_tbs_set_spki()

       When  done  the	to-be-signed  certificate  object should be freed with
       hx509_ca_tbs_free().

       When creating self-signed certificate use hx509_ca_sign_self() instead.

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   signer the CA certificate object to sign with (need private key).
	   certificate return cerificate, free with hx509_cert_free().

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   int	 hx509_ca_sign_self   (hx509_context   context,	  hx509_ca_tbs	  tbs,
       hx509_private_key signer, hx509_cert * certificate)
       Work just like hx509_ca_sign() but signs	it-self.

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   signer private key to sign with.
	   certificate return cerificate, free with hx509_cert_free().

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   int	hx509_ca_tbs_add_crl_dp_uri  (hx509_context context, hx509_ca_tbs tbs,
       const char * uri, hx509_name issuername)
       Add CRL distribution point URI to the to-be-signed certificate object.

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   uri uri to the CRL.
	   issuername name of the issuer.

       Returns
	   An hx509 error code,	see hx509_get_error_string().

       issuername not supported

   int hx509_ca_tbs_add_eku (hx509_context context,  hx509_ca_tbs  tbs,	 const
       heim_oid	* oid)
       An  an  extended	 key  usage  to	 the  to-be-signed certificate object.
       Duplicates will detected	and not	added.

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   oid extended	key usage to add.

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   int hx509_ca_tbs_add_san_hostname (hx509_context context, hx509_ca_tbs tbs,
       const char * dnsname)
       Add a Subject Alternative Name  hostname	 to  to-be-signed  certificate
       object. A domain	match starts with ., an	exact match does not.

       Example	 of  a	an  domain  match:  .domain.se	matches	 the  hostname
       host.domain.se.

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   dnsname a hostame.

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   int	hx509_ca_tbs_add_san_jid  (hx509_context  context,  hx509_ca_tbs  tbs,
       const char * jid)
       Add  a  Jabber/XMPP  jid	 Subject  Alternative Name to the to-be-signed
       certificate object. The jid is an UTF8 string.

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   jid string of an a jabber id	in UTF8.

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   int hx509_ca_tbs_add_san_ms_upn (hx509_context context,  hx509_ca_tbs  tbs,
       const char * principal)
       Add   Microsoft	UPN  Subject  Alternative  Name	 to  the  to-be-signed
       certificate object. The principal string	is a UTF8 string.

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   principal Microsoft UPN string.

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   int	hx509_ca_tbs_add_san_otherName	(hx509_context	context,  hx509_ca_tbs
       tbs, const heim_oid * oid, const	heim_octet_string * os)
       Add  Subject Alternative	Name otherName to the to-be-signed certificate
       object.

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   oid the oid of the OtherName.
	   os data in the other	name.

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   int hx509_ca_tbs_add_san_pkinit (hx509_context context,  hx509_ca_tbs  tbs,
       const char * principal)
       Add  Kerberos  Subject Alternative Name to the to-be-signed certificate
       object. The principal string is a UTF8 string.

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   principal Kerberos principal	to add to the certificate.

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   int hx509_ca_tbs_add_san_rfc822name	(hx509_context	context,  hx509_ca_tbs
       tbs, const char * rfc822Name)
       Add  a  Subject Alternative Name	rfc822 (email address) to to-be-signed
       certificate object.

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   rfc822Name a	string to a email address.

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   void	hx509_ca_tbs_free (hx509_ca_tbs	* tbs)
       Free an To Be Signed object.

       Parameters
	   tbs object to free.

   int hx509_ca_tbs_init (hx509_context	context, hx509_ca_tbs *	tbs)
       Allocate	an to-be-signed	certificate object that	will be	converted into
       an certificate.

       Parameters
	   context A hx509 context.
	   tbs	 returned   to-be-signed   certicate   object,	  free	  with
	   hx509_ca_tbs_free().

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   int	hx509_ca_tbs_set_ca  (hx509_context  context,  hx509_ca_tbs  tbs,  int
       pathLenConstraint)
       Make the	to-be-signed certificate  object  a  CA	 certificate.  If  the
       pathLenConstraint is negative path length constraint is used.

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   pathLenConstraint path length constraint, negative, no constraint.

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   int	hx509_ca_tbs_set_domaincontroller (hx509_context context, hx509_ca_tbs
       tbs)
       Make the	to-be-signed certificate object	a  windows  domain  controller
       certificate.

       Parameters
	   context A hx509 context.
	   tbs object to be signed.

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   int	hx509_ca_tbs_set_notAfter  (hx509_context  context,  hx509_ca_tbs tbs,
       time_t t)
       Set the absolute	time when the certificate is valid to.

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   t time when the certificate will expire

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   int hx509_ca_tbs_set_notAfter_lifetime (hx509_context context, hx509_ca_tbs
       tbs, time_t delta)
       Set the relative	time when the certificiate is going to expire.

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   delta seconds to the	certificate is going to	expire.

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   int hx509_ca_tbs_set_notBefore (hx509_context  context,  hx509_ca_tbs  tbs,
       time_t t)
       Set  the	 absolute  time	when the certificate is	valid from. If not set
       the current time	will be	used.

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   t time the certificated will	start to be valid

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   int hx509_ca_tbs_set_proxy (hx509_context context,  hx509_ca_tbs  tbs,  int
       pathLenConstraint)
       Make  the  to-be-signed	certificate object a proxy certificate.	If the
       pathLenConstraint is negative path length constraint is used.

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   pathLenConstraint path length constraint, negative, no constraint.

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   int hx509_ca_tbs_set_serialnumber (hx509_context context, hx509_ca_tbs tbs,
       const heim_integer * serialNumber)
       Set the serial number to	use for	to-be-signed certificate object.

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   serialNumber	serial number to use for the to-be-signed  certificate
	   object.

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   int	   hx509_ca_tbs_set_signature_algorithm	    (hx509_context    context,
       hx509_ca_tbs tbs, const AlgorithmIdentifier * sigalg)
       Set signature algorithm on the to be signed certificate

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   sigalg signature algorithm to use

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   int hx509_ca_tbs_set_spki (hx509_context context, hx509_ca_tbs  tbs,	 const
       SubjectPublicKeyInfo * spki)
       Set  the	subject	public key info	(SPKI) in the to-be-signed certificate
       object. SPKI is the public  key	and  key  related  parameters  in  the
       certificate.

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   spki	  subject   public  key	 info  to  use	for  the  to-be-signed
	   certificate object.

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   int	hx509_ca_tbs_set_subject  (hx509_context  context,  hx509_ca_tbs  tbs,
       hx509_name subject)
       Set the subject name of a to-be-signed certificate object.

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   subject the name to set a subject.

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   int hx509_ca_tbs_set_template (hx509_context	context, hx509_ca_tbs tbs, int
       flags, hx509_cert cert)
       Initialize   the	  to-be-signed	certificate  object  from  a  template
       certifiate.

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   flags  bit  field  selecting	 what  to  copy	 from	the   template
	   certifiate.
	   cert	template certificate.

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   int hx509_ca_tbs_set_unique (hx509_context context, hx509_ca_tbs tbs, const
       heim_bit_string	  *    subjectUniqueID,	   const   heim_bit_string   *
       issuerUniqueID)
       Set the issuerUniqueID and subjectUniqueID

       These  are  only	 supposed  to  be  used	 considered  with  version   2
       certificates,  replaced	by the two extensions SubjectKeyIdentifier and
       IssuerKeyIdentifier. This function is to	allow application using	legacy
       protocol	to issue them.

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   issuerUniqueID to be	set
	   subjectUniqueID to be set

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   int hx509_ca_tbs_subject_expand (hx509_context context,  hx509_ca_tbs  tbs,
       hx509_env env)
       Expand  the  the	 subject  name	in the to-be-signed certificate	object
       using hx509_name_expand().

       Parameters
	   context A hx509 context.
	   tbs object to be signed.
	   env environment variable to expand variables	in the	subject	 name,
	   see hx509_env_init().

       Returns
	   An hx509 error code,	see hx509_get_error_string().

   const struct	units* hx509_ca_tbs_template_units (void)
       Make   of   template   units,   use   to	  build	  flags	  argument  to
       hx509_ca_tbs_set_template() with	parse_units().

       Returns
	   an units structure.

Author
       Generated automatically by Doxygen for Heimdal x509  library  from  the
       source code.

Version	7.8.0			Tue Nov	15 2022			   hx509_ca(3)

---

NAME | SYNOPSIS | Detailed Description | Function Documentation | Author

Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=hx509_ca_tbs_add_san_pkinit&sektion=3&manpath=FreeBSD+Ports+14.3.quarterly>

home | help

---

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact