Scroll to navigation

gnutls_certificate_set_ocsp_status_request_file(3) gnutls gnutls_certificate_set_ocsp_status_request_file(3)

NAME

gnutls_certificate_set_ocsp_status_request_file - API function

SYNOPSIS

#include <gnutls/gnutls.h>
int gnutls_certificate_set_ocsp_status_request_file(gnutls_certificate_credentials_t sc, const char * response_file, unsigned idx);

ARGUMENTS

gnutls_certificate_credentials_t sc
is a credentials structure.
const char * response_file
a filename of the OCSP response
unsigned idx
is a certificate index as returned by gnutls_certificate_set_key() and friends

DESCRIPTION

This function loads the provided OCSP response. It will be sent to the client if requests an OCSP certificate status for the certificate chain specified by idx .

NOTE

the ability to set multiple OCSP responses per credential structure via the index idx was added in version 3.5.6. To keep backwards compatibility, it requires using gnutls_certificate_set_flags() with the GNUTLS_CERTIFICATE_API_V2 flag to make the set certificate functions return an index usable by this function.
This function can be called multiple times since GnuTLS 3.6.3 when multiple responses which apply to the chain are available. If the response provided does not match any certificates present in the chain, the code GNUTLS_E_OCSP_MISMATCH_WITH_CERTS is returned. To revert to the previous behavior set the flag GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK in the certificate credentials structure. In that case, only the end-certificate's OCSP response can be set. If the response is already expired at the time of loading the code GNUTLS_E_EXPIRED is returned.
To revert to the previous behavior of this function which does not return any errors, set the flag GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK

RETURNS

On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error code is returned.

SINCE

3.1.3

REPORTING BUGS

Report bugs to <bugs@gnutls.org>.
 
Home page: https://www.gnutls.org

COPYRIGHT

Copyright © 2001-2019 Free Software Foundation, Inc., and others.
 
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.

SEE ALSO

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit
https://www.gnutls.org/manual/
3.6.7 gnutls