ssl_load_client_ca_file(3) - Linux man page

Name

SSL_load_client_CA_file - load certificate names from file

Synopsis

#include <openssl/ssl.h>

STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);

Description

SSL_load_client_CA_file() reads certificates from file and returns a STACK_OF (X509_NAME) with the subject names found.

Notes

SSL_load_client_CA_file() reads a file of PEM formatted certificates and extracts the X509_NAMES of the certificates found. While the name suggests the specific usage as support function for ssl_ctx_set_client_ca_list(3), it is not limited to CA certificates.

Examples

Load names of CAs from file and use it as a client CA list:

SSL_CTX *ctx;
STACK_OF(X509_NAME) *cert_names;

...
cert_names = SSL_load_client_CA_file("/path/to/CAfile.pem");
if (cert_names != NULL)
  SSL_CTX_set_client_CA_list(ctx, cert_names);
else
  error_handling();
...

Return Values

The following return values can occur:

NULL

The operation failed, check out the error stack for the reason.

Pointer to STACK_OF (X509_NAME)

Pointer to the subject names of the successfully read certificates.

See Also

ssl(3), ssl_ctx_set_client_ca_list(3)