1SSL_LOAD_CLIENT_CA_FILE(3)          OpenSSL         SSL_LOAD_CLIENT_CA_FILE(3)
2
3
4

NAME

6       SSL_load_client_CA_file, SSL_add_file_cert_subjects_to_stack,
7       SSL_add_dir_cert_subjects_to_stack - load certificate names
8

SYNOPSIS

10        #include <openssl/ssl.h>
11
12        STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
13
14        int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
15                                                const char *file)
16        int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
17                                               const char *dir)
18

DESCRIPTION

20       SSL_load_client_CA_file() reads certificates from file and returns a
21       STACK_OF(X509_NAME) with the subject names found.
22
23       SSL_add_file_cert_subjects_to_stack() reads certificates from file, and
24       adds their subject name to the already existing stack.
25
26       SSL_add_dir_cert_subjects_to_stack() reads certificates from every file
27       in the directory dir, and adds their subject name to the already
28       existing stack.
29

NOTES

31       SSL_load_client_CA_file() reads a file of PEM formatted certificates
32       and extracts the X509_NAMES of the certificates found. While the name
33       suggests the specific usage as support function for
34       SSL_CTX_set_client_CA_list(3), it is not limited to CA certificates.
35

RETURN VALUES

37       The following return values can occur:
38
39       NULL
40           The operation failed, check out the error stack for the reason.
41
42       Pointer to STACK_OF(X509_NAME)
43           Pointer to the subject names of the successfully read certificates.
44

EXAMPLES

46       Load names of CAs from file and use it as a client CA list:
47
48        SSL_CTX *ctx;
49        STACK_OF(X509_NAME) *cert_names;
50
51        ...
52        cert_names = SSL_load_client_CA_file("/path/to/CAfile.pem");
53        if (cert_names != NULL)
54            SSL_CTX_set_client_CA_list(ctx, cert_names);
55        else
56            /* error */
57        ...
58

SEE ALSO

60       ssl(7), SSL_CTX_set_client_CA_list(3)
61
63       Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
64
65       Licensed under the OpenSSL license (the "License").  You may not use
66       this file except in compliance with the License.  You can obtain a copy
67       in the file LICENSE in the source distribution or at
68       <https://www.openssl.org/source/license.html>.
69
70
71
721.1.1i                            2021-01-26        SSL_LOAD_CLIENT_CA_FILE(3)
Impressum