#include <nng/nng.h>
#include <nng/supplemental/tls/tls.h>
int nng_tls_config_ca_chain(nng_tls_config *cfg, const char *chain, const char *crl);
The nng_tls_config_ca_chain()
function configures a certificate or
certificate chain to be used when validating peers using the configuration
cfg.
Note
|
Certificates must be configured when using the authentication mode
NNG_TLS_AUTH_MODE_REQUIRED .
|
Tip
|
This function may be called multiple times, to add additional chains to a configuration, without affecting those added previously. |
The certificates located in chain must be a zero-terminated C string in PEM format. Multiple certificates may appear concatenated together, with the leaf certificate listed first.
The crl may be NULL
, or may also be a C string containing a PEM format
certificate revocation list for the associated authority.
NNG_ENOMEM
|
Insufficient memory is available. |
NNG_EBUSY
|
The configuration cfg is already in use, and cannot be modified. |
NNG_EINVAL
|
An invalid chain or crl was supplied. |