NNG_TLS_CONFIG_CA_CHAIN(3tls) NNG Reference Manual NNG_TLS_CONFIG_CA_CHAIN(3tls)

nng_tls_config_ca_chain - configure certificate authority certificate chain

#include <nng/nng.h>
#include <nng/supplemental/tls/tls.h>
int nng_tls_config_ca_chain(nng_tls_config *cfg, const char *chain, const char *crl);

The nng_tls_config_ca_chain() function configures a certificate or certificate chain to be used when validating peers using the configuration cfg.


Note

Certificates must be configured when using the authentication mode
NNG_TLS_AUTH_MODE_REQUIRED.


Tip

This function may be called multiple times, to add additional chains
to a configuration, without affecting those added previously.

The certificates located in chain must be a zero-terminated C string in PEM <https://tools.ietf.org/html/rfc7468> format. Multiple certificates may appear concatenated together, with the leaf certificate listed first.

The crl may be NULL, or may also be a C string containing a PEM format certificate revocation list for the associated authority.

This function returns 0 on success, and non-zero otherwise.

NNG_ENOMEM

Insufficient memory is available.

NNG_EBUSY

The configuration cfg is already in use, and cannot be modified.

NNG_EINVAL

An invalid chain or crl was supplied.

nng_strerror(3), nng_tls_config_alloc(.3tls), nng_tls_config_auth_mode(.3tls), nng_tls_config_ca_file(.3tls), nng(7)

2025-01-05