diff options
| author | Garrett D'Amore <garrett@damore.org> | 2018-01-09 18:42:28 -0800 |
|---|---|---|
| committer | Garrett D'Amore <garrett@damore.org> | 2018-01-09 18:42:28 -0800 |
| commit | 6dddc0bfcb79615b8be470a5e16918360d57cadb (patch) | |
| tree | 9f12e0db8a343d4f803da1b9420a80ee0a9cc0ee /docs/nng_tls_config_ca_chain.adoc | |
| parent | 5db0c399e3a2289e5b6dacdec4035a827eb8a16d (diff) | |
| download | nng-6dddc0bfcb79615b8be470a5e16918360d57cadb.tar.gz nng-6dddc0bfcb79615b8be470a5e16918360d57cadb.tar.bz2 nng-6dddc0bfcb79615b8be470a5e16918360d57cadb.zip | |
fixes #186 Suggested API changes for nng TLS certs
Diffstat (limited to 'docs/nng_tls_config_ca_chain.adoc')
| -rw-r--r-- | docs/nng_tls_config_ca_chain.adoc | 81 |
1 files changed, 81 insertions, 0 deletions
diff --git a/docs/nng_tls_config_ca_chain.adoc b/docs/nng_tls_config_ca_chain.adoc new file mode 100644 index 00000000..2888c032 --- /dev/null +++ b/docs/nng_tls_config_ca_chain.adoc @@ -0,0 +1,81 @@ +nng_tls_config_ca_chain(3) +========================== +:doctype: manpage +:manmanual: nng +:mansource: nng +:manvolnum: 3 +:icons: font +:source-highlighter: pygments +:copyright: Copyright 2018 Staysail Systems, Inc. <info@staysail.tech> \ + Copyright 2018 Capitar IT Group BV <info@capitar.com> \ + This software is supplied under the terms of the MIT License, a \ + copy of which should be located in the distribution where this \ + file was obtained (LICENSE.txt). A copy of the license may also \ + be found online at https://opensource.org/licenses/MIT. + +NAME +---- +nng_tls_config_ca_chain - configure certificate authority certificate chain + +SYNOPSIS +-------- + +[source, c] +----------- +#include <nng/nng.h> + +int nng_tls_config_ca_cert(nni_tls_config *cfg, const char *chain, + const char *crl) +----------- + +DESCRIPTION +----------- + +The `nng_tls_config_ca_chain()` function configures a certificate or +certificate chain to be used when validating peers using the configuragion +'cfg'. + +NOTE: This function *must* be called when the TLS authentication mode SYNOPSIS +`NNG_TLS_AUTH_MODE_REQUIRED` or `NNG_TLS_AUTH_MODE_OPTIONAL`. It will have +no effect if the authentication mode is `NNG_TLS_AUTH_MODE_NONE`. + +TIP: This function may be called multiple times, to add additional chains +to a configuration, without affecting those added previously. + +The certificates located in 'chain' must be a NUL terminated C string in +https://tools.ietf.org/html/rfc7468[PEM] format. Multiple certificates may +appear concatenated together, with the leaf certificate listed first. +together. + +The 'crl' may be NULL, or may also be a C string containing a PEM format +certificate revocation list for the associated authority. + +RETURN VALUES +------------- + +This function returns 0 on success, and non-zero otherwise. + +ERRORS +------ + +`NNG_ENOMEM`:: Insufficient memory is available. +`NNG_EBUSY`:: The configuration 'cfg' is already in use, and cannot be modified. +`NNG_EINVAL`:: An invalid 'chain' or 'size' was supplied. + +SEE ALSO +-------- + +<<nng_strerror#,nng_strerror(3)>>, +<<nng_tls_config_alloc#,nng_tls_config_alloc(3)>>, +<<nng_tls_config_auth_mode#,nng_tls_config_auth_mode(3)>>, +<<nng#,nng(7)>> + + +COPYRIGHT +--------- + +Copyright 2018 mailto:info@staysail.tech[Staysail Systems, Inc.] + +Copyright 2018 mailto:info@capitar.com[Capitar IT Group BV] + +This document is supplied under the terms of the +https://opensource.org/licenses/MIT[MIT License]. |