|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@deftypefun {int} {gnutls_certificate_set_x509_simple_pkcs12_file} (gnutls_certificate_credentials_t @var{res}, const char * @var{pkcs12file}, gnutls_x509_crt_fmt_t @var{type}, const char * @var{password})
|
|
Packit Service |
4684c1 |
@var{res}: is a @code{gnutls_certificate_credentials_t} type.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@var{pkcs12file}: filename of file containing PKCS@code{12} blob.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@var{type}: is PEM or DER of the @code{pkcs12file} .
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@var{password}: optional password used to decrypt PKCS@code{12} file, bags and keys.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
This function sets a certificate/private key pair and/or a CRL in
|
|
Packit Service |
4684c1 |
the gnutls_certificate_credentials_t type. This function may
|
|
Packit Service |
4684c1 |
be called more than once (in case multiple keys/certificates exist
|
|
Packit Service |
4684c1 |
for the server).
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
PKCS@code{12} files with a MAC, encrypted bags and PKCS @code{8}
|
|
Packit Service |
4684c1 |
private keys are supported. However,
|
|
Packit Service |
4684c1 |
only password based security, and the same password for all
|
|
Packit Service |
4684c1 |
operations, are supported.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
PKCS@code{12} file may contain many keys and/or certificates, and this
|
|
Packit Service |
4684c1 |
function will try to auto-detect based on the key ID the certificate
|
|
Packit Service |
4684c1 |
and key pair to use. If the PKCS@code{12} file contain the issuer of
|
|
Packit Service |
4684c1 |
the selected certificate, it will be appended to the certificate
|
|
Packit Service |
4684c1 |
to form a chain.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
If more than one private keys are stored in the PKCS@code{12} file,
|
|
Packit Service |
4684c1 |
then only one key will be read (and it is undefined which one).
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
It is believed that the limitations of this function is acceptable
|
|
Packit Service |
4684c1 |
for most usage, and that any more flexibility would introduce
|
|
Packit Service |
4684c1 |
complexity that would make it harder to use this functionality at
|
|
Packit Service |
4684c1 |
all.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
Note that, this function by default returns zero on success and a negative value on error.
|
|
Packit Service |
4684c1 |
Since 3.5.6, when the flag @code{GNUTLS_CERTIFICATE_API_V2} is set using @code{gnutls_certificate_set_flags()}
|
|
Packit Service |
4684c1 |
it returns an index (greater or equal to zero). That index can be used to other functions to refer to the added key-pair.
|
|
Packit Service |
4684c1 |
|
|
Packit Service |
4684c1 |
@strong{Returns:} On success this functions returns zero, and otherwise a negative value on error (see above for modifying that behavior).
|
|
Packit Service |
4684c1 |
@end deftypefun
|