diff options
author | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-05-09 17:54:34 +0200 |
---|---|---|
committer | Nikos Mavrogiannopoulos <nmav@gnutls.org> | 2012-05-09 17:59:36 +0200 |
commit | 0b4f25c18755f4c4b984b46f16cfa8e468891469 (patch) | |
tree | 0cd797553c99783e1715d5c5f2ed1acd4d7a7b4a /doc/cha-cert-auth.texi | |
parent | d5633875724fe383adb4e994fc72bd7c64acb197 (diff) | |
download | gnutls-0b4f25c18755f4c4b984b46f16cfa8e468891469.tar.gz |
Added convenience functions to load a trust list from a file or a memory buffer.
New functions:
gnutls_certificate_set_x509_system_trust, gnutls_pkcs11_obj_list_import_url2,
gnutls_x509_trust_list_add_system_trust, gnutls_x509_trust_list_add_trust_file,
gnutls_x509_trust_list_add_trust_mem.
Diffstat (limited to 'doc/cha-cert-auth.texi')
-rw-r--r-- | doc/cha-cert-auth.texi | 13 |
1 files changed, 9 insertions, 4 deletions
diff --git a/doc/cha-cert-auth.texi b/doc/cha-cert-auth.texi index cb79a7d4c5..1ee95bf1df 100644 --- a/doc/cha-cert-auth.texi +++ b/doc/cha-cert-auth.texi @@ -236,6 +236,10 @@ provided. @showfuncdesc{gnutls_x509_trust_list_verify_crt} @showfuncdesc{gnutls_x509_trust_list_verify_named_crt} +@showfuncdesc{gnutls_x509_trust_list_add_trust_file} +@showfuncdesc{gnutls_x509_trust_list_add_trust_mem} +@showfuncdesc{gnutls_x509_trust_list_add_system_trust} + The verification function will verify a given certificate chain against a list of certificate authorities and certificate revocation lists, and output a bit-wise OR of elements of the @code{gnutls_@-certificate_@-status_t} @@ -253,10 +257,11 @@ This purpose is served by the functions @funcref{gnutls_x509_trust_list_add_name @cindex verifying certificate paths @tindex gnutls_certificate_verify_flags -When operating in the context of a TLS session, if the trusted certificate -authority list has been set via the -@funcref{gnutls_certificate_set_x509_trust_file} and @funcref{gnutls_certificate_set_x509_crl_file}, -it is not required to setup a trusted list as above. +When operating in the context of a TLS session, the trusted certificate +authority list may also be set using: +@showfuncC{gnutls_certificate_set_x509_trust_file,gnutls_certificate_set_x509_crl_file,gnutls_certificate_set_x509_system_trust} + +Then it is not required to setup a trusted list as above. The function @funcref{gnutls_certificate_verify_peers2} may then be used to verify the peer's certificate chain. |