docs/nng_tls_config_ca_file.adoc


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78

nng_tls_config_ca_file(3)
=========================
:doctype: manpage
:manmanual: nng
:mansource: nng
:manvolnum: 3
:icons: font
:source-highlighter: pygments
:copyright: Copyright 2018 Staysail Systems, Inc. <info@staysail.tech> \
            Copyright 2018 Capitar IT Group BV <info@capitar.com> \
            This software is supplied under the terms of the MIT License, a \
            copy of which should be located in the distribution where this \
            file was obtained (LICENSE.txt).  A copy of the license may also \
            be found online at https://opensource.org/licenses/MIT.

NAME
----
nng_tls_config_ca_file - load certificate authority from file

SYNOPSIS
--------

[source, c]
-----------
#include <nng/nng.h>

int nng_tls_config_ca_file(nni_tls_config *cfg, const char *path);
-----------

DESCRIPTION
-----------

The `nng_tls_config_ca_file()` function configures the certificate authority
certificate chain and optional revocation list by loading the certificates
(and revocation list if present) from a single named file. The file must
at least one X.509 certificate in https://tools.ietf.org/html/rfc7468[PEM]
format, and may contain multiple such certificates, as well as zero or
more PEM CRL objects.  This information is used to validate certificates
that are presented by peers, when using the configuration 'cfg'.

NOTE: Certificates *must* be configured when using the authentication mode
`NNG_TLS_AUTH_MODE_REQUIRED`.

TIP: This function may be called multiple times, to add additional chains
to a configuration, without affecting those added previously.

RETURN VALUES
-------------

This function returns 0 on success, and non-zero otherwise.

ERRORS
------

`NNG_ENOMEM`:: Insufficient memory is available.
`NNG_EBUSY`:: The configuration 'cfg' is already in use, and cannot be modified.
`NNG_EINVAL`:: The contents of 'path' are invalid or did not contain a valid PEM certificate.
`NNG_ENOENT`:: The file 'path' does not exist.
`NNG_EPERM`:: The file 'path' is not readable.

SEE ALSO
--------

<<nng_strerror#,nng_strerror(3)>>,
<<nng_tls_config_alloc#,nng_tls_config_alloc(3)>>,
<<nng_tls_config_auth_mode#,nng_tls_config_auth_mode(3)>>,
<<nng_tls_config_ca_chain#,nng_tls_config_ca_chain(3)>>,
<<nng#,nng(7)>>


COPYRIGHT
---------

Copyright 2018 mailto:info@staysail.tech[Staysail Systems, Inc.] +
Copyright 2018 mailto:info@capitar.com[Capitar IT Group BV]

This document is supplied under the terms of the
https://opensource.org/licenses/MIT[MIT License].