]>
Commit | Line | Data |
---|---|---|
356c06c7 RL |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
d8652be0 | 5 | SSL_load_client_CA_file_ex, SSL_load_client_CA_file, |
ee669781 RL |
6 | SSL_add_file_cert_subjects_to_stack, |
7 | SSL_add_dir_cert_subjects_to_stack, | |
8 | SSL_add_store_cert_subjects_to_stack | |
9 | - load certificate names | |
356c06c7 RL |
10 | |
11 | =head1 SYNOPSIS | |
12 | ||
13 | #include <openssl/ssl.h> | |
14 | ||
d8652be0 | 15 | STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file, |
b4250010 | 16 | OSSL_LIB_CTX *libctx, |
d8652be0 | 17 | const char *propq); |
356c06c7 RL |
18 | STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file); |
19 | ||
ee669781 | 20 | int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, |
f64f17c3 | 21 | const char *file); |
ee669781 | 22 | int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, |
f64f17c3 | 23 | const char *dir); |
ee669781 | 24 | int SSL_add_store_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack, |
f64f17c3 | 25 | const char *store); |
ee669781 | 26 | |
356c06c7 RL |
27 | =head1 DESCRIPTION |
28 | ||
d8652be0 | 29 | SSL_load_client_CA_file_ex() reads certificates from I<file> and returns |
6725682d | 30 | a STACK_OF(X509_NAME) with the subject names found. The library context I<libctx> |
bea31afe | 31 | and property query I<propq> are used when fetching algorithms from providers. |
6725682d | 32 | |
d8652be0 | 33 | SSL_load_client_CA_file() is similar to SSL_load_client_CA_file_ex() |
bea31afe | 34 | but uses NULL for the library context I<libctx> and property query I<propq>. |
356c06c7 | 35 | |
ee669781 RL |
36 | SSL_add_file_cert_subjects_to_stack() reads certificates from I<file>, |
37 | and adds their subject name to the already existing I<stack>. | |
38 | ||
39 | SSL_add_dir_cert_subjects_to_stack() reads certificates from every | |
40 | file in the directory I<dir>, and adds their subject name to the | |
41 | already existing I<stack>. | |
42 | ||
43 | SSL_add_store_cert_subjects_to_stack() loads certificates from the | |
44 | I<store> URI, and adds their subject name to the already existing | |
45 | I<stack>. | |
46 | ||
356c06c7 RL |
47 | =head1 NOTES |
48 | ||
49 | SSL_load_client_CA_file() reads a file of PEM formatted certificates and | |
50 | extracts the X509_NAMES of the certificates found. While the name suggests | |
51 | the specific usage as support function for | |
9b86974e | 52 | L<SSL_CTX_set_client_CA_list(3)>, |
356c06c7 RL |
53 | it is not limited to CA certificates. |
54 | ||
356c06c7 RL |
55 | =head1 RETURN VALUES |
56 | ||
9f3a7ca2 SS |
57 | The following return values can occur for SSL_load_client_CA_file_ex(), and |
58 | SSL_load_client_CA_file(): | |
356c06c7 RL |
59 | |
60 | =over 4 | |
61 | ||
62 | =item NULL | |
63 | ||
64 | The operation failed, check out the error stack for the reason. | |
65 | ||
66 | =item Pointer to STACK_OF(X509_NAME) | |
67 | ||
68 | Pointer to the subject names of the successfully read certificates. | |
69 | ||
70 | =back | |
71 | ||
9f3a7ca2 SS |
72 | The following return values can occur for SSL_add_file_cert_subjects_to_stack(), |
73 | SSL_add_dir_cert_subjects_to_stack(), and SSL_add_store_cert_subjects_to_stack(): | |
74 | ||
75 | =over 4 | |
76 | ||
77 | =item 0 (Failure) | |
78 | ||
79 | The operation failed. | |
80 | ||
81 | =item 1 (Success) | |
82 | ||
83 | The operation succeeded. | |
84 | ||
85 | =back | |
86 | ||
4564e77a PY |
87 | =head1 EXAMPLES |
88 | ||
89 | Load names of CAs from file and use it as a client CA list: | |
90 | ||
91 | SSL_CTX *ctx; | |
92 | STACK_OF(X509_NAME) *cert_names; | |
93 | ||
94 | ... | |
95 | cert_names = SSL_load_client_CA_file("/path/to/CAfile.pem"); | |
96 | if (cert_names != NULL) | |
97 | SSL_CTX_set_client_CA_list(ctx, cert_names); | |
98 | else | |
99 | /* error */ | |
100 | ... | |
101 | ||
356c06c7 RL |
102 | =head1 SEE ALSO |
103 | ||
b97fdb57 | 104 | L<ssl(7)>, |
ee669781 | 105 | L<ossl_store(7)>, |
9b86974e | 106 | L<SSL_CTX_set_client_CA_list(3)> |
356c06c7 | 107 | |
ee669781 RL |
108 | =head1 HISTORY |
109 | ||
d8652be0 | 110 | SSL_load_client_CA_file_ex() and SSL_add_store_cert_subjects_to_stack() |
6725682d | 111 | were added in OpenSSL 3.0. |
ee669781 | 112 | |
e2f92610 RS |
113 | =head1 COPYRIGHT |
114 | ||
b6461792 | 115 | Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved. |
e2f92610 | 116 | |
4746f25a | 117 | Licensed under the Apache License 2.0 (the "License"). You may not use |
e2f92610 RS |
118 | this file except in compliance with the License. You can obtain a copy |
119 | in the file LICENSE in the source distribution or at | |
120 | L<https://www.openssl.org/source/license.html>. | |
121 | ||
122 | =cut |