SSL_CTX_add_extra_chain_cert.pod revision 291721
1=pod 2 3=head1 NAME 4 5SSL_CTX_add_extra_chain_cert, SSL_CTX_clear_extra_chain_certs - add or clear 6extra chain certificates 7 8=head1 SYNOPSIS 9 10 #include <openssl/ssl.h> 11 12 long SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *x509); 13 long SSL_CTX_clear_extra_chain_certs(SSL_CTX *ctx); 14 15=head1 DESCRIPTION 16 17SSL_CTX_add_extra_chain_cert() adds the certificate B<x509> to the extra chain 18certificates associated with B<ctx>. Several certificates can be added one 19after another. 20 21SSL_CTX_clear_extra_chain_certs() clears all extra chain certificates 22associated with B<ctx>. 23 24These functions are implemented as macros. 25 26=head1 NOTES 27 28When sending a certificate chain, extra chain certificates are sent in order 29following the end entity certificate. 30 31If no chain is specified, the library will try to complete the chain from the 32available CA certificates in the trusted CA storage, see 33L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)>. 34 35The B<x509> certificate provided to SSL_CTX_add_extra_chain_cert() will be 36freed by the library when the B<SSL_CTX> is destroyed. An application 37B<should not> free the B<x509> object. 38 39=head1 RESTRICTIONS 40 41Only one set of extra chain certificates can be specified per SSL_CTX 42structure. Different chains for different certificates (for example if both 43RSA and DSA certificates are specified by the same server) or different SSL 44structures with the same parent SSL_CTX cannot be specified using this 45function. 46 47=head1 RETURN VALUES 48 49SSL_CTX_add_extra_chain_cert() and SSL_CTX_clear_extra_chain_certs() return 501 on success and 0 for failure. Check out the error stack to find out the 51reason for failure. 52 53=head1 SEE ALSO 54 55L<ssl(3)|ssl(3)>, 56L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>, 57L<SSL_CTX_set_client_cert_cb(3)|SSL_CTX_set_client_cert_cb(3)>, 58L<SSL_CTX_load_verify_locations(3)|SSL_CTX_load_verify_locations(3)> 59 60=cut 61