1gnutls_certificate_set_ocsp_sgtnauttulss__rcegeqnruutetislftsi_cfaitlee_(s3e)t_ocsp_status_request_file(3)
2
3
4

NAME

6       gnutls_certificate_set_ocsp_status_request_file - API function
7

SYNOPSIS

9       #include <gnutls/gnutls.h>
10
11       int     gnutls_certificate_set_ocsp_status_request_file(gnutls_certifi‐
12       cate_credentials_t sc, const char * response_file, unsigned idx);
13

ARGUMENTS

15       gnutls_certificate_credentials_t sc
16                   is a credentials structure.
17
18       const char * response_file
19                   a filename of the OCSP response
20
21       unsigned idx
22                   is a  certificate  index  as  returned  by  gnutls_certifi‐
23                   cate_set_key() and friends
24

DESCRIPTION

26       This  function loads the provided OCSP response. It will be sent to the
27       client if requests an OCSP certificate status for the certificate chain
28       specified by  idx .
29

NOTE

31       the ability to set multiple OCSP responses per credential structure via
32       the index  idx was added in version 3.5.6. To keep  backwards  compati‐
33       bility,  it  requires  using  gnutls_certificate_set_flags()  with  the
34       GNUTLS_CERTIFICATE_API_V2 flag to make the  set  certificate  functions
35       return an index usable by this function.
36
37       This function can be called multiple times since GnuTLS 3.6.3 when mul‐
38       tiple responses which  apply  to  the  chain  are  available.   If  the
39       response provided does not match any certificates present in the chain,
40       the code GNUTLS_E_OCSP_MISMATCH_WITH_CERTS is returned.  To  revert  to
41       the     previous     behavior     set    the    flag    GNUTLS_CERTIFI‐
42       CATE_SKIP_OCSP_RESPONSE_CHECK in the certificate credentials structure.
43       In  that case, only the end-certificate's OCSP response can be set.  If
44       the response is already  expired  at  the  time  of  loading  the  code
45       GNUTLS_E_EXPIRED is returned.
46
47       To  revert  to  the  previous  behavior of this function which does not
48       return     any     errors,     set     the     flag     GNUTLS_CERTIFI‐
49       CATE_SKIP_OCSP_RESPONSE_CHECK
50

RETURNS

52       On  success,  GNUTLS_E_SUCCESS  (0)  is  returned, otherwise a negative
53       error code is returned.
54

SINCE

56       3.1.3
57

REPORTING BUGS

59       Report bugs to <bugs@gnutls.org>.
60       Home page: https://www.gnutls.org
61
62

64       Copyright © 2001-2020 Free Software Foundation, Inc., and others.
65       Copying and distribution of this file, with  or  without  modification,
66       are  permitted  in  any  medium  without royalty provided the copyright
67       notice and this notice are preserved.
68

SEE ALSO

70       The full documentation for gnutls is maintained as  a  Texinfo  manual.
71       If  the /usr/share/doc/gnutls/ directory does not contain the HTML form
72       visit
73
74       https://www.gnutls.org/manual/
75
76gnutls                      gnutls_c3e.r6t.i1f3icate_set_ocsp_status_request_file(3)
Impressum