1=pod
2
3=head1 NAME
4
5SSL_load_client_CA_file,
6SSL_add_file_cert_subjects_to_stack,
7SSL_add_dir_cert_subjects_to_stack
8- load certificate names
9
10=head1 SYNOPSIS
11
12 #include <openssl/ssl.h>
13
14 STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);
15
16 int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
17                                         const char *file)
18 int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
19                                        const char *dir)
20
21=head1 DESCRIPTION
22
23SSL_load_client_CA_file() reads certificates from I<file> and returns
24a STACK_OF(X509_NAME) with the subject names found.
25
26SSL_add_file_cert_subjects_to_stack() reads certificates from I<file>,
27and adds their subject name to the already existing I<stack>.
28
29SSL_add_dir_cert_subjects_to_stack() reads certificates from every
30file in the directory I<dir>, and adds their subject name to the
31already existing I<stack>.
32
33=head1 NOTES
34
35SSL_load_client_CA_file() reads a file of PEM formatted certificates and
36extracts the X509_NAMES of the certificates found. While the name suggests
37the specific usage as support function for
38L<SSL_CTX_set_client_CA_list(3)>,
39it is not limited to CA certificates.
40
41=head1 RETURN VALUES
42
43The following return values can occur:
44
45=over 4
46
47=item NULL
48
49The operation failed, check out the error stack for the reason.
50
51=item Pointer to STACK_OF(X509_NAME)
52
53Pointer to the subject names of the successfully read certificates.
54
55=back
56
57=head1 EXAMPLES
58
59Load names of CAs from file and use it as a client CA list:
60
61 SSL_CTX *ctx;
62 STACK_OF(X509_NAME) *cert_names;
63
64 ...
65 cert_names = SSL_load_client_CA_file("/path/to/CAfile.pem");
66 if (cert_names != NULL)
67     SSL_CTX_set_client_CA_list(ctx, cert_names);
68 else
69     /* error */
70 ...
71
72=head1 SEE ALSO
73
74L<ssl(7)>,
75L<SSL_CTX_set_client_CA_list(3)>
76
77=head1 COPYRIGHT
78
79Copyright 2000-2019 The OpenSSL Project Authors. All Rights Reserved.
80
81Licensed under the OpenSSL license (the "License").  You may not use
82this file except in compliance with the License.  You can obtain a copy
83in the file LICENSE in the source distribution or at
84L<https://www.openssl.org/source/license.html>.
85
86=cut
87