This documentation is for the TIP (development tree) of NNG and may represent unreleased changes or functionality that is experimental, and is subject to change before release. The latest released version is v1.8.0. See the documentation for v1.8.0 for the most up-to-date information.

nng_tls_config_ca_chain(3tls)

NAME

nng_tls_config_ca_chain - configure certificate authority certificate chain

SYNOPSIS

#include <nng/nng.h>
#include <nng/supplemental/tls/tls.h>

int nng_tls_config_ca_chain(nng_tls_config *cfg, const char *chain, const char *crl);

DESCRIPTION

The nng_tls_config_ca_chain() function configures a certificate or certificate chain to be used when validating peers using the configuration cfg.

Certificates must be configured when using the authentication mode NNG_TLS_AUTH_MODE_REQUIRED.
This function may be called multiple times, to add additional chains to a configuration, without affecting those added previously.

The certificates located in chain must be a zero-terminated C string in PEM format. Multiple certificates may appear concatenated together, with the leaf certificate listed first.

The crl may be NULL, or may also be a C string containing a PEM format certificate revocation list for the associated authority.

RETURN VALUES

This function returns 0 on success, and non-zero otherwise.

ERRORS

NNG_ENOMEM

Insufficient memory is available.
NNG_EBUSY

The configuration cfg is already in use, and cannot be modified.
NNG_EINVAL

An invalid chain or crl was supplied.

SEE ALSO

nng_strerror(3), nng_tls_config_alloc(.3tls), nng_tls_config_auth_mode(.3tls), nng_tls_config_ca_file(.3tls), nng(7)