Blame doc/man3/SSL_CTX_config.pod

=pod

=head1 NAME

SSL_CTX_config, SSL_config - configure SSL_CTX or SSL structure

=head1 SYNOPSIS

 #include <openssl/ssl.h>

 int SSL_CTX_config(SSL_CTX *ctx, const char *name);
 int SSL_config(SSL *s, const char *name);

=head1 DESCRIPTION

The functions SSL_CTX_config() and SSL_config() configure an B<SSL_CTX> or
B<SSL> structure using the configuration B<name>.

=head1 NOTES

By calling SSL_CTX_config() or SSL_config() an application can perform many
complex tasks based on the contents of the configuration file: greatly
simplifying application configuration code. A degree of future proofing
can also be achieved: an application can support configuration features
in newer versions of OpenSSL automatically.

A configuration file must have been previously loaded, for example using
CONF_modules_load_file(). See L<config(5)> for details of the configuration
file syntax.

=head1 RETURN VALUES

SSL_CTX_config() and SSL_config() return 1 for success or 0 if an error
occurred.

=head1 EXAMPLES

If the file "config.cnf" contains the following:

 testapp = test_sect

 [test_sect]
 # list of configuration modules

 ssl_conf = ssl_sect

 [ssl_sect]
 server = server_section

 [server_section]
 RSA.Certificate = server-rsa.pem
 ECDSA.Certificate = server-ecdsa.pem
 Ciphers = ALL:!RC4

An application could call:

 if (CONF_modules_load_file("config.cnf", "testapp", 0) <= 0) {
     fprintf(stderr, "Error processing config file\n");
     goto err;
 }

 ctx = SSL_CTX_new(TLS_server_method());

 if (SSL_CTX_config(ctx, "server") == 0) {
     fprintf(stderr, "Error configuring server.\n");
     goto err;
 }

In this example two certificates and the cipher list are configured without
the need for any additional application code.

=head1 SEE ALSO

L<config(5)>,
L<SSL_CONF_cmd(3)>,
L<CONF_modules_load_file(3)>

=head1 HISTORY

The SSL_CTX_config() and SSL_config() functions were added in OpenSSL 1.1.0.

=head1 COPYRIGHT

Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the OpenSSL license (the "License").  You may not use
this file except in compliance with the License.  You can obtain a copy
in the file LICENSE in the source distribution or at
L<https://www.openssl.org/source/license.html>.

=cut