diff options
author | Tom Vrancken <dev@tomvrancken.nl> | 2018-08-15 18:29:32 +0200 |
---|---|---|
committer | Tom Vrancken <dev@tomvrancken.nl> | 2018-08-20 17:08:01 +0200 |
commit | 07180a416731749883234f931ac18831ff38abbb (patch) | |
tree | 0b9d13b9ad394477d566f01ba8e279c33711cc7c /doc/cha-gtls-app.texi | |
parent | a42db538c3f01aa76e2c1a2affc39237840c2522 (diff) | |
download | gnutls-07180a416731749883234f931ac18831ff38abbb.tar.gz |
Implemented RFC7250 certificate type negotiation extensions.
Signed-off-by: Tom Vrancken <dev@tomvrancken.nl>
Diffstat (limited to 'doc/cha-gtls-app.texi')
-rw-r--r-- | doc/cha-gtls-app.texi | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/doc/cha-gtls-app.texi b/doc/cha-gtls-app.texi index 8fd31b2add..9a4cf29933 100644 --- a/doc/cha-gtls-app.texi +++ b/doc/cha-gtls-app.texi @@ -1292,6 +1292,18 @@ Catch all which enables all curves from NORMAL priority is CURVE-ALL. Note that the CURVE keyword is kept for backwards compatibility only, for new applications see the GROUP keyword above. +@item Certificate types @tab +Certificate type negotitation must be explicitly enabled via the +GNUTLS_ENABLE_CERT_TYPE_NEG flag in gnutls_init(). +Certificate types can be given in a symmetric fashion (i.e. the same for +both client and server) or, as of GnuTLS 3.6.4, in an asymmetric fashion +(i.e. different for the client than for the server). + +Currently supported types are: +CTYPE-X509 or CTYPE-X.509. Catch all is CTYPE-ALL. +CTYPE-CLI-X509 or CTYPE-CLI-X.509, CTYPE-SRV-X509 or CTYPE-SRV-X.509. +Catch all is CTYPE-CLI-ALL and CTYPE-SRV-ALL. + @end multitable @caption{The supported algorithm keywords in priority strings.} @end float |