1gnutls_certificate_set_ocsp_sgtnauttulss__rcegeqnruutetislftsi_cfaitlee_(s3e)t_ocsp_status_request_file(3)
2
3
4

NAME

6       gnutls_certificate_set_ocsp_status_request_file - API function
7

SYNOPSIS

9       #include <gnutls/gnutls.h>
10
11       int     gnutls_certificate_set_ocsp_status_request_file(gnutls_certifi‐
12       cate_credentials_t sc, const char * response_file, unsigned idx);
13

ARGUMENTS

15       gnutls_certificate_credentials_t sc
16                   is a credentials structure.
17
18       const char * response_file
19                   a filename of the OCSP response
20
21       unsigned idx
22                   is a  certificate  index  as  returned  by  gnutls_certifi‐
23                   cate_set_key() and friends
24

DESCRIPTION

26       This  function loads the provided OCSP response. It will be sent to the
27       client if requests an OCSP certificate status for the certificate chain
28       specified by  idx .
29

NOTE

31       the ability to set multiple OCSP responses per credential structure via
32       the index  idx was added in version 3.5.6. To keep  backwards  compati‐
33       bility,  it  requires  using  gnutls_certificate_set_flags()  with  the
34       GNUTLS_CERTIFICATE_API_V2 flag to make the  set  certificate  functions
35       return an index usable by this function.
36
37       This function can be called multiple times since GnuTLS 3.6.3 when mul‐
38       tiple responses which apply to the chain are  available.   If  the  re‐
39       sponse  provided  does not match any certificates present in the chain,
40       the code GNUTLS_E_OCSP_MISMATCH_WITH_CERTS is returned.  To  revert  to
41       the  previous  behavior  set  the flag GNUTLS_CERTIFICATE_SKIP_OCSP_RE‐
42       SPONSE_CHECK in the certificate credentials structure.  In  that  case,
43       only  the  end-certificate's OCSP response can be set.  If the response
44       is already expired at the time of loading the code GNUTLS_E_EXPIRED  is
45       returned.
46
47       To  revert to the previous behavior of this function which does not re‐
48       turn  any  errors,  set   the   flag   GNUTLS_CERTIFICATE_SKIP_OCSP_RE‐
49       SPONSE_CHECK
50

RETURNS

52       On  success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative er‐
53       ror code is returned.
54

SINCE

56       3.1.3
57

REPORTING BUGS

59       Report bugs to <bugs@gnutls.org>.
60       Home page: https://www.gnutls.org
61
62

64       Copyright © 2001-2023 Free Software Foundation, Inc., and others.
65       Copying and distribution of this file, with  or  without  modification,
66       are  permitted in any medium without royalty provided the copyright no‐
67       tice and this notice are preserved.
68

SEE ALSO

70       The full documentation for gnutls is maintained as  a  Texinfo  manual.
71       If  the /usr/share/doc/gnutls/ directory does not contain the HTML form
72       visit
73
74       https://www.gnutls.org/manual/
75
76gnutls                      gnutls_ce3r.t8i.f2icate_set_ocsp_status_request_file(3)
Impressum