NAME¶
SSL_load_client_CA_file - load certificate names from file
SYNOPSIS¶
#include <openssl/ssl.h>
STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
DESCRIPTION¶
SSL_load_client_CA_file() reads certificates from
file and returns
a STACK_OF(X509_NAME) with the subject names found.
NOTES¶
SSL_load_client_CA_file() reads a file of PEM formatted certificates and
extracts the X509_NAMES of the certificates found. While the name suggests the
specific usage as support function for
SSL_CTX_set_client_CA_list(3),
it is not limited to CA certificates.
EXAMPLES¶
Load names of CAs from file and use it as a client CA list:
SSL_CTX *ctx;
STACK_OF(X509_NAME) *cert_names;
...
cert_names = SSL_load_client_CA_file("/path/to/CAfile.pem");
if (cert_names != NULL)
SSL_CTX_set_client_CA_list(ctx, cert_names);
else
error_handling();
...
RETURN VALUES¶
The following return values can occur:
- NULL
- The operation failed, check out the error stack for the
reason.
- Pointer to STACK_OF(X509_NAME)
- Pointer to the subject names of the successfully read
certificates.
SEE ALSO¶
ssl(3),
SSL_CTX_set_client_CA_list(3)