gnutls_x509_crq_sign2 - API function
int gnutls_x509_crq_sign2(gnutls_x509_crq_t crq,
gnutls_x509_privkey_t key, gnutls_digest_algorithm_t
dig, unsigned int flags);
- gnutls_x509_crq_t crq
- should contain a gnutls_x509_crq_t type
- gnutls_x509_privkey_t key
- holds a private key
- gnutls_digest_algorithm_t dig
- The message digest to use, i.e., GNUTLS_DIG_SHA256
- unsigned int flags
- must be 0
This function will sign the certificate request with a private key. This must be
the same key as the one used in gnutls_x509_crt_set_key()
certificate request is self signed.
This must be the last step in a certificate request generation since all the
previously set parameters are now signed.
A known limitation of this function is, that a newly-signed request will not be
fully functional (e.g., for signature verification), until it is exported an
After GnuTLS 3.6.1 the value of dig
may be GNUTLS_DIG_UNKNOWN
in that case, a suitable but reasonable for the key algorithm will be
on success, otherwise a negative error code.
is returned if you didn't set all
information in the certificate request (e.g., the version using
Report bugs to <firstname.lastname@example.org>.
Home page: https://www.gnutls.org
Copyright © 2001-2019 Free Software Foundation, Inc., and others.
Copying and distribution of this file, with or without modification, are
permitted in any medium without royalty provided the copyright notice and this
notice are preserved.
The full documentation for gnutls
is maintained as a Texinfo manual. If
the /usr/share/doc/gnutls/ directory does not contain the HTML form visit