1gnutls_certificate_set_x509_key_file2g(n3ug)tnlustls_certificate_set_x509_key_file2(3)
2
3
4

NAME

6       gnutls_certificate_set_x509_key_file2 - API function
7

SYNOPSIS

9       #include <gnutls/gnutls.h>
10
11       int    gnutls_certificate_set_x509_key_file2(gnutls_certificate_creden‐
12       tials_t  res,  const  char  *   certfile,   const   char   *   keyfile,
13       gnutls_x509_crt_fmt_t type, const char * pass, unsigned int flags);
14

ARGUMENTS

16       gnutls_certificate_credentials_t res
17                   is a gnutls_certificate_credentials_t type.
18
19       const char * certfile
20                   is  a  file that containing the certificate list (path) for
21                   the specified private key, in PKCS7 format, or  a  list  of
22                   certificates
23
24       const char * keyfile
25                   is a file that contains the private key
26
27       gnutls_x509_crt_fmt_t type
28                   is PEM or DER
29
30       const char * pass
31                   is the password of the key
32
33       unsigned int flags
34                   an ORed sequence of gnutls_pkcs_encrypt_flags_t
35

DESCRIPTION

37       This  function  sets  a certificate/private key pair in the gnutls_cer‐
38       tificate_credentials_t type.  This function may  be  called  more  than
39       once,  in  case  multiple  keys/certificates exist for the server.  For
40       clients that need to send more than its  own  end  entity  certificate,
41       e.g., also an intermediate CA cert, then the
42        certfile must contain the ordered certificate chain.
43
44       Note that the names in the certificate provided will be considered when
45       selecting the appropriate certificate to use (in case of multiple  cer‐
46       tificate/key pairs).
47
48       This  function can also accept URLs at  keyfile and  certfile . In that
49       case it will use the private key and certificate indicated by the URLs.
50       Note   that   the   supported   URLs   are   the   ones   indicated  by
51       gnutls_url_is_supported().  Before GnuTLS 3.4.0 when a URL  was  speci‐
52       fied,  the   pass  part was ignored and a PIN callback had to be regis‐
53       tered, this is no longer the case in current releases.
54
55       In case the  certfile is provided as a PKCS 11 URL, then  the  certifi‐
56       cate,  and its present issuers in the token are imported (i.e., forming
57       the required trust chain).
58
59       If that function fails to load the  res structure is  at  an  undefined
60       state, it must not be reused to load other keys or certificates.
61
62       Note that, this function by default returns zero on success and a nega‐
63       tive value on  error.   Since  3.5.6,  when  the  flag  GNUTLS_CERTIFI‐
64       CATE_API_V2  is  set using gnutls_certificate_set_flags() it returns an
65       index (greater or equal to zero). That index can be used to other func‐
66       tions to refer to the added key-pair.
67

RETURNS

69       On  success this functions returns zero, and otherwise a negative value
70       on error (see above for modifying that behavior).
71

REPORTING BUGS

73       Report bugs to <bugs@gnutls.org>.
74       Home page: http://www.gnutls.org
75
76
78       Copyright © 2001-2018 Free Software Foundation, Inc., and others.
79       Copying and distribution of this file, with  or  without  modification,
80       are  permitted  in  any  medium  without royalty provided the copyright
81       notice and this notice are preserved.
82

SEE ALSO

84       The full documentation for gnutls is maintained as  a  Texinfo  manual.
85       If  the /usr/share/doc/gnutls/ directory does not contain the HTML form
86       visit
87
88       http://www.gnutls.org/manual/
89
90gnutls                               3.g6n.u5tls_certificate_set_x509_key_file2(3)
Impressum