FreeBSD Manual Pages

home | help
gnutls_certifi..._x509_key_file2(3) gnutls gnutls_certifi..._x509_key_file2(3)

NAME
       gnutls_certificate_set_x509_key_file2 - API function

SYNOPSIS
       #include	<gnutls/gnutls.h>

       int    gnutls_certificate_set_x509_key_file2(gnutls_certificate_creden-
       tials_t	res,  const  char  *   certfile,   const   char	  *   keyfile,
       gnutls_x509_crt_fmt_t type, const char *	pass, unsigned int flags);

ARGUMENTS
       gnutls_certificate_credentials_t	res
		   is a	gnutls_certificate_credentials_t type.

       const char * certfile
		   is  a  file that containing the certificate list (path) for
		   the specified private key, in PKCS7 format, or  a  list  of
		   certificates

       const char * keyfile
		   is a	file that contains the private key

       gnutls_x509_crt_fmt_t type
		   is PEM or DER

       const char * pass
		   is the password of the key

       unsigned	int flags
		   an ORed sequence of gnutls_pkcs_encrypt_flags_t

DESCRIPTION
       This  function  sets  a certificate/private key pair in the gnutls_cer-
       tificate_credentials_t type.  This function may	be  called  more  than
       once,  in  case	multiple  keys/certificates exist for the server.  For
       clients that need to send more than its	own  end  entity  certificate,
       e.g., also an intermediate CA cert, then	the
	certfile must contain the ordered certificate chain.

       Note that the names in the certificate provided will be considered when
       selecting  the appropriate certificate to use (in case of multiple cer-
       tificate/key pairs).

       This function can also accept URLs at  keyfile and  certfile . In  that
       case it will use	the private key	and certificate	indicated by the URLs.
       Note   that   the   supported   URLs   are   the	  ones	 indicated  by
       gnutls_url_is_supported().  Before GnuTLS 3.4.0 when a URL  was	speci-
       fied,  the   pass  part was ignored and a PIN callback had to be	regis-
       tered, this is no longer	the case in current releases.

       In case the  certfile is	provided as a PKCS 11 URL, then	 the  certifi-
       cate,  and its present issuers in the token are imported	(i.e., forming
       the required trust chain).

       If that function	fails to load the  res structure is  at	 an  undefined
       state, it must not be reused to load other keys or certificates.

       Note that, this function	by default returns zero	on success and a nega-
       tive  value  on	error.	 Since	3.5.6,	when  the flag GNUTLS_CERTIFI-
       CATE_API_V2 is set using	gnutls_certificate_set_flags() it  returns  an
       index (greater or equal to zero). That index can	be used	to other func-
       tions to	refer to the added key-pair.

RETURNS
       On  success this	functions returns zero,	and otherwise a	negative value
       on error	(see above for modifying that behavior).

REPORTING BUGS
       Report bugs to <bugs@gnutls.org>.
       Home page: https://www.gnutls.org

COPYRIGHT
       Copyright (C) 2001-2023 Free Software Foundation, Inc., and others.
       Copying and distribution	of this	file, with  or	without	 modification,
       are  permitted in any medium without royalty provided the copyright no-
       tice and	this notice are	preserved.

SEE ALSO
       The full	documentation for gnutls is maintained as  a  Texinfo  manual.
       If the /usr/local/share/doc/gnutls/ directory does not contain the HTML
       form visit

       https://www.gnutls.org/manual/

gnutls				     3.8.9 gnutls_certifi..._x509_key_file2(3)
Want to link to this manual page? Use this URL:
<https://man.freebsd.org/cgi/man.cgi?query=gnutls_certificate_set_x509_key_file2&sektion=3&manpath=FreeBSD+Ports+14.3.quarterly>
home | help
Header And Logo

Peripheral Links

Site Navigation

FreeBSD Manual Pages

Header And Logo

Peripheral Links

Search

Site Navigation

FreeBSD Manual Pages
