5 SSL_load_client_CA_file,
6 SSL_add_file_cert_subjects_to_stack,
7 SSL_add_dir_cert_subjects_to_stack,
8 SSL_add_store_cert_subjects_to_stack
9 - load certificate names
13 #include <openssl/ssl.h>
15 STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
17 int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
19 int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
21 int SSL_add_store_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
26 SSL_load_client_CA_file() reads certificates from I<file> and returns
27 a STACK_OF(X509_NAME) with the subject names found.
29 SSL_add_file_cert_subjects_to_stack() reads certificates from I<file>,
30 and adds their subject name to the already existing I<stack>.
32 SSL_add_dir_cert_subjects_to_stack() reads certificates from every
33 file in the directory I<dir>, and adds their subject name to the
34 already existing I<stack>.
36 SSL_add_store_cert_subjects_to_stack() loads certificates from the
37 I<store> URI, and adds their subject name to the already existing
42 SSL_load_client_CA_file() reads a file of PEM formatted certificates and
43 extracts the X509_NAMES of the certificates found. While the name suggests
44 the specific usage as support function for
45 L<SSL_CTX_set_client_CA_list(3)>,
46 it is not limited to CA certificates.
50 The following return values can occur:
56 The operation failed, check out the error stack for the reason.
58 =item Pointer to STACK_OF(X509_NAME)
60 Pointer to the subject names of the successfully read certificates.
66 Load names of CAs from file and use it as a client CA list:
69 STACK_OF(X509_NAME) *cert_names;
72 cert_names = SSL_load_client_CA_file("/path/to/CAfile.pem");
73 if (cert_names != NULL)
74 SSL_CTX_set_client_CA_list(ctx, cert_names);
83 L<SSL_CTX_set_client_CA_list(3)>
87 SSL_add_store_cert_subjects_to_stack() was added in OpenSSL 3.0.
91 Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
93 Licensed under the Apache License 2.0 (the "License"). You may not use
94 this file except in compliance with the License. You can obtain a copy
95 in the file LICENSE in the source distribution or at
96 L<https://www.openssl.org/source/license.html>.