gnutls_sign_set_secure_for_certs(3) — Linux manual page


gnutls_sign_s...ure_for_certs(3) gnutls gnutls_sign_s...ure_for_certs(3)

NAME         top

       gnutls_sign_set_secure_for_certs - API function

SYNOPSIS         top

       #include <gnutls/gnutls.h>

       int gnutls_sign_set_secure_for_certs(gnutls_sign_algorithm_t
       sign, unsigned int secure);

ARGUMENTS         top

       gnutls_sign_algorithm_t sign
                   the sign algorithm

       unsigned int secure
                   whether to mark the sign algorithm secure for

DESCRIPTION         top

       Modify the previous system wide setting that marked  sign as
       secure or insecure for the use in certificates.  Calling this
       function is allowed only if allowlisting mode is set in the
       configuration file, and only if the system-wide TLS priority
       string has not been initialized yet.  The intended usage is to
       provide applications with a way to expressly deviate from the
       distribution or site defaults inherited from the configuration
       file.  The modification is composable with further modifications
       performed through the priority string mechanism.

       This function is not thread-safe and is intended to be called in
       the main thread at the beginning of the process execution.  When
       secure is true,  sign is marked as secure for any use unlike
       gnutls_sign_set_secure().  Otherwise, it is marked as insecure
       only for the use in certificates.  Use gnutls_sign_set_secure()
       to mark it insecure for any uses.

RETURNS         top

       0 on success or negative error code otherwise.

SINCE         top


REPORTING BUGS         top

       Report bugs to <>.
       Home page:

COPYRIGHT         top

       Copyright © 2001-2023 Free Software Foundation, Inc., and others.
       Copying and distribution of this file, with or without
       modification, are permitted in any medium without royalty
       provided the copyright notice and this notice are preserved.

SEE ALSO         top

       The full documentation for gnutls is maintained as a Texinfo
       manual.  If the /usr/share/doc/gnutls/ directory does not contain
       the HTML form visit

COLOPHON         top

       This page is part of the GnuTLS (GnuTLS Transport Layer Security
       Library) project.  Information about the project can be found at
       ⟨⟩.  If you have a bug report for this
       manual page, send it to  This page was obtained
       from the tarball gnutls-3.8.2.tar.xz fetched from
       ⟨⟩ on 2023-12-22.  If you
       discover any rendering problems in this HTML version of the page,
       or you believe there is a better or more up-to-date source for
       the page, or you have corrections or improvements to the
       information in this COLOPHON (which is not part of the original
       manual page), send a mail to

gnutls                            3.8.2 gnutls_sign_s...ure_for_certs(3)