|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@deftypefun {int} {gnutls_certificate_set_ocsp_status_request_file} (gnutls_certificate_credentials_t @var{sc}, const char * @var{response_file}, unsigned @var{idx})
|
|
Packit Service |
4684c1 |
@var{sc}: is a credentials structure.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@var{response_file}: a filename of the OCSP response
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@var{idx}: is a certificate index as returned by @code{gnutls_certificate_set_key()} and friends
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
This function loads the provided OCSP response. It will be
|
|
Packit Service |
4684c1 |
sent to the client if requests an OCSP certificate status for
|
|
Packit Service |
4684c1 |
the certificate chain specified by @code{idx} .
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@strong{Note:} the ability to set multiple OCSP responses per credential
|
|
Packit Service |
4684c1 |
structure via the index @code{idx} was added in version 3.5.6. To keep
|
|
Packit Service |
4684c1 |
backwards compatibility, it requires using @code{gnutls_certificate_set_flags()}
|
|
Packit Service |
4684c1 |
with the @code{GNUTLS_CERTIFICATE_API_V2} flag to make the set certificate
|
|
Packit Service |
4684c1 |
functions return an index usable by this function.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
This function can be called multiple times since GnuTLS 3.6.3
|
|
Packit Service |
4684c1 |
when multiple responses which apply to the chain are available.
|
|
Packit Service |
4684c1 |
If the response provided does not match any certificates present
|
|
Packit Service |
4684c1 |
in the chain, the code @code{GNUTLS_E_OCSP_MISMATCH_WITH_CERTS} is returned.
|
|
Packit Service |
4684c1 |
To revert to the previous behavior set the flag @code{GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK}
|
|
Packit Service |
4684c1 |
in the certificate credentials structure. In that case, only the
|
|
Packit Service |
4684c1 |
end-certificate's OCSP response can be set.
|
|
Packit Service |
4684c1 |
If the response is already expired at the time of loading the code
|
|
Packit Service |
4684c1 |
@code{GNUTLS_E_EXPIRED} is returned.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
To revert to the previous behavior of this function which does not return
|
|
Packit Service |
4684c1 |
any errors, set the flag @code{GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK}
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@strong{Returns:} On success, @code{GNUTLS_E_SUCCESS} (0) is returned,
|
|
Packit Service |
4684c1 |
otherwise a negative error code is returned.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@strong{Since:} 3.1.3
|
|
Packit Service |
4684c1 |
@end deftypefun
|