NNG_TLS_CONFIG_CA_FILE(3tls) NNG Reference Manual NNG_TLS_CONFIG_CA_FILE(3tls)

nng_tls_config_ca_file - load certificate authority from file

#include <nng/nng.h>
#include <nng/supplemental/tls/tls.h>
int nng_tls_config_ca_file(nng_tls_config *cfg, const char *path);

The nng_tls_config_ca_file() function configures the certificate authority certificate chain and optional revocation list by loading the certificates (and revocation list if present) from a single named file. The file must at least one X.509 certificate in PEM <https://tools.ietf.org/html/rfc7468> format, and may contain multiple such certificates, as well as zero or more PEM CRL objects. This information is used to validate certificates that are presented by peers, when using the configuration cfg.


Note

Certificates must be configured when using the authentication mode
NNG_TLS_AUTH_MODE_REQUIRED.


Tip

This function may be called multiple times, to add additional chains
to a configuration, without affecting those added previously.

This function returns 0 on success, and non-zero otherwise.

NNG_ENOMEM

Insufficient memory is available.

NNG_EBUSY

The configuration cfg is already in use, and cannot be modified.

NNG_EINVAL

The contents of path are invalid or do not contain a valid PEM certificate.

NNG_ENOENT

The file path does not exist.

NNG_EPERM

The file path is not readable.

nng_strerror(3), nng_tls_config_alloc(3tls), nng_tls_config_auth_mode(3tls), nng_tls_config_ca_chain(3tls), nng(7)

2025-01-05