Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
gnutls_certificate_set_ocsp_gnutls_cgnutlscate_set_ocsp_status_request_file(3)

NAME
       gnutls_certificate_set_ocsp_status_request_file - API function

SYNOPSIS
       #include	<gnutls/gnutls.h>

       int     gnutls_certificate_set_ocsp_status_request_file(gnutls_certifi-
       cate_credentials_t sc, const char * response_file, unsigned idx);

ARGUMENTS
       gnutls_certificate_credentials_t	sc
		   is a	credentials structure.

       const char * response_file
		   a filename of the OCSP response

       unsigned	idx
		   is a	 certificate  index  as	 returned  by  gnutls_certifi-
		   cate_set_key() and friends

DESCRIPTION
       This  function loads the	provided OCSP response.	It will	be sent	to the
       client if requests an OCSP certificate status for the certificate chain
       specified by  idx .

NOTE
       the ability to set multiple OCSP	responses per credential structure via
       the index  idx was added	in version 3.5.6. To keep  backwards  compati-
       bility,	it  requires  using  gnutls_certificate_set_flags()  with  the
       GNUTLS_CERTIFICATE_API_V2 flag to make the  set	certificate  functions
       return an index usable by this function.

       This function can be called multiple times since	GnuTLS 3.6.3 when mul-
       tiple responses which apply to the chain	are  available.	  If  the  re-
       sponse  provided	 does not match	any certificates present in the	chain,
       the code	GNUTLS_E_OCSP_MISMATCH_WITH_CERTS is returned.	To  revert  to
       the  previous  behavior	set  the flag GNUTLS_CERTIFICATE_SKIP_OCSP_RE-
       SPONSE_CHECK in the certificate credentials structure.  In  that	 case,
       only  the  end-certificate's OCSP response can be set.  If the response
       is already expired at the time of loading the code GNUTLS_E_EXPIRED  is
       returned.

       To  revert to the previous behavior of this function which does not re-
       turn  any  errors,  set	 the   flag   GNUTLS_CERTIFICATE_SKIP_OCSP_RE-
       SPONSE_CHECK

RETURNS
       On  success, GNUTLS_E_SUCCESS (0) is returned, otherwise	a negative er-
       ror code	is returned.

SINCE
       3.1.3

REPORTING BUGS
       Report bugs to <bugs@gnutls.org>.
       Home page: https://www.gnutls.org

COPYRIGHT
       Copyright (C) 2001- Free	Software Foundation, Inc., and others.
       Copying and distribution	of this	file, with  or	without	 modification,
       are  permitted in any medium without royalty provided the copyright no-
       tice and	this notice are	preserved.

SEE ALSO
       The full	documentation for gnutls is maintained as  a  Texinfo  manual.
       If the /usr/local/share/doc/gnutls/ directory does not contain the HTML
       form visit

       https://www.gnutls.org/manual/

gnutls			    gnutls_certificate_set_ocsp_status_request_file(3)

NAME | SYNOPSIS | ARGUMENTS | DESCRIPTION | NOTE | RETURNS | SINCE | REPORTING BUGS | COPYRIGHT | SEE ALSO

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=gnutls_certificate_set_ocsp_status_request_file&sektion=3&manpath=FreeBSD+12.2-RELEASE+and+Ports>

home | help