|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@deftypefun {int} {gnutls_certificate_set_x509_key_file2} (gnutls_certificate_credentials_t @var{res}, const char * @var{certfile}, const char * @var{keyfile}, gnutls_x509_crt_fmt_t @var{type}, const char * @var{pass}, unsigned int @var{flags})
|
|
Packit Service |
4684c1 |
@var{res}: is a @code{gnutls_certificate_credentials_t} type.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@var{certfile}: is a file that containing the certificate list (path) for
|
|
Packit Service |
4684c1 |
the specified private key, in PKCS7 format, or a list of certificates
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@var{keyfile}: is a file that contains the private key
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@var{type}: is PEM or DER
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@var{pass}: is the password of the key
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@var{flags}: an ORed sequence of gnutls_pkcs_encrypt_flags_t
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
This function sets a certificate/private key pair in the
|
|
Packit Service |
4684c1 |
gnutls_certificate_credentials_t type. This function may be
|
|
Packit Service |
4684c1 |
called more than once, in case multiple keys/certificates exist for
|
|
Packit Service |
4684c1 |
the server. For clients that need to send more than its own end
|
|
Packit Service |
4684c1 |
entity certificate, e.g., also an intermediate CA cert, then the
|
|
Packit Service |
4684c1 |
@code{certfile} must contain the ordered certificate chain.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
Note that the names in the certificate provided will be considered
|
|
Packit Service |
4684c1 |
when selecting the appropriate certificate to use (in case of multiple
|
|
Packit Service |
4684c1 |
certificate/key pairs).
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
This function can also accept URLs at @code{keyfile} and @code{certfile} . In that case it
|
|
Packit Service |
4684c1 |
will use the private key and certificate indicated by the URLs. Note
|
|
Packit Service |
4684c1 |
that the supported URLs are the ones indicated by @code{gnutls_url_is_supported()} .
|
|
Packit Service |
4684c1 |
Before GnuTLS 3.4.0 when a URL was specified, the @code{pass} part was ignored and a
|
|
Packit Service |
4684c1 |
PIN callback had to be registered, this is no longer the case in current releases.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
In case the @code{certfile} is provided as a PKCS @code{11} URL, then the certificate, and its
|
|
Packit Service |
4684c1 |
present issuers in the token are imported (i.e., forming the required trust chain).
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
If that function fails to load the @code{res} structure is at an undefined state, it must
|
|
Packit Service |
4684c1 |
not be reused to load other keys or certificates.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
Note that, this function by default returns zero on success and a negative value on error.
|
|
Packit Service |
4684c1 |
Since 3.5.6, when the flag @code{GNUTLS_CERTIFICATE_API_V2} is set using @code{gnutls_certificate_set_flags()}
|
|
Packit Service |
4684c1 |
it returns an index (greater or equal to zero). That index can be used to other functions to refer to the added key-pair.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@strong{Returns:} On success this functions returns zero, and otherwise a negative value on error (see above for modifying that behavior).
|
|
Packit Service |
4684c1 |
@end deftypefun
|