blob: d1f085583f63fa0fd5574ac783c0ac83e4ccae90 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
|
.\"
.\" $OpenBSD: SSL_load_client_CA_file.3,v 1.2 2014/12/02 14:11:01 jmc Exp $
.\"
.Dd $Mdocdate: December 2 2014 $
.Dt SSL_LOAD_CLIENT_CA_FILE 3
.Os
.Sh NAME
.Nm SSL_load_client_CA_file
.Nd load certificate names from file
.Sh SYNOPSIS
.In openssl/ssl.h
.Ft STACK_OF(X509_NAME) *
.Fn SSL_load_client_CA_file "const char *file"
.Sh DESCRIPTION
.Fn SSL_load_client_CA_file
reads certificates from
.Fa file
and returns a
.Dv STACK_OF Ns
.Pq Vt X509_NAME
with the subject names found.
.Sh NOTES
.Fn SSL_load_client_CA_file
reads a file of PEM formatted certificates and extracts the
.Vt X509_NAME Ns s
of the certificates found.
While the name suggests the specific usage as support function for
.Xr SSL_CTX_set_client_CA_list 3 ,
it is not limited to CA certificates.
.Sh RETURN VALUES
The following return values can occur:
.Bl -tag -width Ds
.It Dv NULL
The operation failed, check out the error stack for the reason.
.It Pointer to Dv STACK_OF Ns Po Vt X509_NAME Pc
Pointer to the subject names of the successfully read certificates.
.El
.Sh EXAMPLES
Load names of CAs from file and use it as a client CA list:
.Bd -literal
SSL_CTX *ctx;
STACK_OF(X509_NAME) *cert_names;
\&...
cert_names = SSL_load_client_CA_file("/path/to/CAfile.pem");
if (cert_names != NULL)
SSL_CTX_set_client_CA_list(ctx, cert_names);
else
error_handling();
\&...
.Ed
.Sh SEE ALSO
.Xr ssl 3 ,
.Xr SSL_CTX_set_client_CA_list 3
|
