NAME | SYNOPSIS | ARGUMENTS | DESCRIPTION | RETURNS | REPORTING BUGS | COPYRIGHT | SEE ALSO | COLOPHON

gnutls_certificate_set_x509_simple_pkcs12_file(3)_x509_simple_pkcs12_file(3)

NAME         top

       gnutls_certificate_set_x509_simple_pkcs12_file - API function

SYNOPSIS         top

       #include <gnutls/gnutls.h>

       int
       gnutls_certificate_set_x509_simple_pkcs12_file(gnutls_certificate_credentials_t
       res, const char * pkcs12file, gnutls_x509_crt_fmt_t type, const char
       * password);

ARGUMENTS         top

       gnutls_certificate_credentials_t res
                   is a gnutls_certificate_credentials_t type.

       const char * pkcs12file
                   filename of file containing PKCS12 blob.

       gnutls_x509_crt_fmt_t type
                   is PEM or DER of the  pkcs12file .

       const char * password
                   optional password used to decrypt PKCS12 file, bags and
                   keys.

DESCRIPTION         top

       This function sets a certificate/private key pair and/or a CRL in the
       gnutls_certificate_credentials_t type.  This function may be called
       more than once (in case multiple keys/certificates exist for the
       server).

       PKCS12 files with a MAC, encrypted bags and PKCS 8 private keys are
       supported. However, only password based security, and the same
       password for all operations, are supported.

       PKCS12 file may contain many keys and/or certificates, and this
       function will try to auto-detect based on the key ID the certificate
       and key pair to use. If the PKCS12 file contain the issuer of the
       selected certificate, it will be appended to the certificate to form
       a chain.

       If more than one private keys are stored in the PKCS12 file, then
       only one key will be read (and it is undefined which one).

       It is believed that the limitations of this function is acceptable
       for most usage, and that any more flexibility would introduce
       complexity that would make it harder to use this functionality at
       all.

       Note that, this function by default returns zero on success and a
       negative value on error.  Since 3.5.6, when the flag
       GNUTLS_CERTIFICATE_API_V2 is set using gnutls_certificate_set_flags()
       it returns an index (greater or equal to zero). That index can be
       used to other functions to refer to the added key-pair.

RETURNS         top

       On success this functions returns zero, and otherwise a negative
       value on error (see above for modifying that behavior).

REPORTING BUGS         top

       Report bugs to <bugs@gnutls.org>.
       Home page: http://www.gnutls.org

COPYRIGHT         top

       Copyright © 2001-2017 Free Software Foundation, Inc., and others.
       Copying and distribution of this file, with or without modification,
       are permitted in any medium without royalty provided the copyright
       notice and this notice are preserved.

SEE ALSO         top

       The full documentation for gnutls is maintained as a Texinfo manual.
       If the /usr/share/doc/gnutls/ directory does not contain the HTML
       form visit

       http://www.gnutls.org/manual/ 

COLOPHON         top

       This page is part of the GnuTLS (GnuTLS Transport Layer Security
       Library) project.  Information about the project can be found at 
       ⟨http://www.gnutls.org/⟩.  If you have a bug report for this manual
       page, send it to bugs@gnutls.org..  This page was obtained from the
       tarball gnutls-3.5.9.tar.xz fetched from 
       ⟨http://www.gnutls.org/download.html⟩ on 2017-05-03.  If you discover
       any rendering problems in this HTML version of the page, or you
       believe there is a better or more up-to-date source for the page, or
       you have corrections or improvements to the information in this
       COLOPHON (which is not part of the original manual page), send a mail
       to man-pages@man7.org

gnutls                     gnutls_ce3r.t5i.f9icate_set_x509_simple_pkcs12_file(3)