This documentation is for the TIP (development tree) of NNG and may represent unreleased changes or functionality that is experimental, and is subject to change before release. The latest released version is v1.8.0. See the documentation for v1.8.0 for the most up-to-date information.

nng_tls_config_ca_file(3tls)

NAME

nng_tls_config_ca_file - load certificate authority from file

SYNOPSIS

#include <nng/nng.h>
#include <nng/supplemental/tls/tls.h>

int nng_tls_config_ca_file(nng_tls_config *cfg, const char *path);

DESCRIPTION

The nng_tls_config_ca_file() function configures the certificate authority certificate chain and optional revocation list by loading the certificates (and revocation list if present) from a single named file. The file must at least one X.509 certificate in PEM format, and may contain multiple such certificates, as well as zero or more PEM CRL objects. This information is used to validate certificates that are presented by peers, when using the configuration cfg.

Certificates must be configured when using the authentication mode NNG_TLS_AUTH_MODE_REQUIRED.
This function may be called multiple times, to add additional chains to a configuration, without affecting those added previously.

RETURN VALUES

This function returns 0 on success, and non-zero otherwise.

ERRORS

NNG_ENOMEM

Insufficient memory is available.
NNG_EBUSY

The configuration cfg is already in use, and cannot be modified.
NNG_EINVAL

The contents of path are invalid or do not contain a valid PEM certificate.
NNG_ENOENT

The file path does not exist.
NNG_EPERM

The file path is not readable.

SEE ALSO

nng_strerror(3), nng_tls_config_alloc(3tls), nng_tls_config_auth_mode(3tls), nng_tls_config_ca_chain(3tls), nng(7)