diff options
Diffstat (limited to 'openssl-1.1.0h/doc/ssl/SSL_CTX_add_extra_chain_cert.pod')
-rw-r--r-- | openssl-1.1.0h/doc/ssl/SSL_CTX_add_extra_chain_cert.pod | 80 |
1 files changed, 80 insertions, 0 deletions
diff --git a/openssl-1.1.0h/doc/ssl/SSL_CTX_add_extra_chain_cert.pod b/openssl-1.1.0h/doc/ssl/SSL_CTX_add_extra_chain_cert.pod new file mode 100644 index 0000000..e2783de --- /dev/null +++ b/openssl-1.1.0h/doc/ssl/SSL_CTX_add_extra_chain_cert.pod @@ -0,0 +1,80 @@ +=pod + +=head1 NAME + +SSL_CTX_add_extra_chain_cert, SSL_CTX_clear_extra_chain_certs - add or clear +extra chain certificates + +=head1 SYNOPSIS + + #include <openssl/ssl.h> + + long SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *x509); + long SSL_CTX_clear_extra_chain_certs(SSL_CTX *ctx); + +=head1 DESCRIPTION + +SSL_CTX_add_extra_chain_cert() adds the certificate B<x509> to the extra chain +certificates associated with B<ctx>. Several certificates can be added one +after another. + +SSL_CTX_clear_extra_chain_certs() clears all extra chain certificates +associated with B<ctx>. + +These functions are implemented as macros. + +=head1 NOTES + +When sending a certificate chain, extra chain certificates are sent in order +following the end entity certificate. + +If no chain is specified, the library will try to complete the chain from the +available CA certificates in the trusted CA storage, see +L<SSL_CTX_load_verify_locations(3)>. + +The B<x509> certificate provided to SSL_CTX_add_extra_chain_cert() will be +freed by the library when the B<SSL_CTX> is destroyed. An application +B<should not> free the B<x509> object. + +=head1 RESTRICTIONS + +Only one set of extra chain certificates can be specified per SSL_CTX +structure. Different chains for different certificates (for example if both +RSA and DSA certificates are specified by the same server) or different SSL +structures with the same parent SSL_CTX cannot be specified using this +function. For more flexibility functions such as SSL_add1_chain_cert() should +be used instead. + +=head1 RETURN VALUES + +SSL_CTX_add_extra_chain_cert() and SSL_CTX_clear_extra_chain_certs() return +1 on success and 0 for failure. Check out the error stack to find out the +reason for failure. + +=head1 SEE ALSO + +L<ssl(3)>, +L<SSL_CTX_use_certificate(3)>, +L<SSL_CTX_set_client_cert_cb(3)>, +L<SSL_CTX_load_verify_locations(3)> +L<SSL_CTX_set0_chain(3)> +L<SSL_CTX_set1_chain(3)> +L<SSL_CTX_add0_chain_cert(3)> +L<SSL_CTX_add1_chain_cert(3)> +L<SSL_set0_chain(3)> +L<SSL_set1_chain(3)> +L<SSL_add0_chain_cert(3)> +L<SSL_add1_chain_cert(3)> +L<SSL_CTX_build_cert_chain(3)> +L<SSL_build_cert_chain(3)> + +=head1 COPYRIGHT + +Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. + +Licensed under the OpenSSL license (the "License"). You may not use +this file except in compliance with the License. You can obtain a copy +in the file LICENSE in the source distribution or at +L<https://www.openssl.org/source/license.html>. + +=cut |