Updated: 2022/Sep/29

Please read Privacy Policy. It's for your privacy.

SSL_load_client_CA_file(3)          OpenSSL         SSL_load_client_CA_file(3)



NAME
       SSL_load_client_CA_file, SSL_add_file_cert_subjects_to_stack,
       SSL_add_dir_cert_subjects_to_stack - load certificate names

LIBRARY
       libcrypto, -lcrypto

SYNOPSIS
        #include <openssl/ssl.h>

        STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);

        int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
                                                const char *file)
        int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
                                               const char *dir)

DESCRIPTION
       SSL_load_client_CA_file() reads certificates from file and returns a
       STACK_OF(X509_NAME) with the subject names found.

       SSL_add_file_cert_subjects_to_stack() reads certificates from file, and
       adds their subject name to the already existing stack.

       SSL_add_dir_cert_subjects_to_stack() reads certificates from every file
       in the directory dir, and adds their subject name to the already
       existing stack.

NOTES
       SSL_load_client_CA_file() reads a file of PEM formatted certificates
       and extracts the X509_NAMES of the certificates found. While the name
       suggests the specific usage as support function for
       SSL_CTX_set_client_CA_list(3), it is not limited to CA certificates.

RETURN VALUES
       The following return values can occur:

       NULL
           The operation failed, check out the error stack for the reason.

       Pointer to STACK_OF(X509_NAME)
           Pointer to the subject names of the successfully read certificates.

EXAMPLES
       Load names of CAs from file and use it as a client CA list:

        SSL_CTX *ctx;
        STACK_OF(X509_NAME) *cert_names;

        ...
        cert_names = SSL_load_client_CA_file("/path/to/CAfile.pem");
        if (cert_names != NULL)
            SSL_CTX_set_client_CA_list(ctx, cert_names);
        else
            /* error */
        ...

SEE ALSO
       ssl(7), SSL_CTX_set_client_CA_list(3)

COPYRIGHT
       Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.

       Licensed under the OpenSSL license (the "License").  You may not use
       this file except in compliance with the License.  You can obtain a copy
       in the file LICENSE in the source distribution or at
       <https://www.openssl.org/source/license.html>.



1.1.1i                            2020-03-22        SSL_load_client_CA_file(3)