OpenBSD manual page server

Manual Page Search Parameters

X509_LOAD_CERT_FILE(3) Library Functions Manual X509_LOAD_CERT_FILE(3)

X509_load_cert_file, X509_load_crl_file, X509_load_cert_crl_fileread, decode, and cache certificates and CRLs

#include <openssl/x509_vfy.h>

int
X509_load_cert_file(X509_LOOKUP *ctx, const char *file, int type);

int
X509_load_crl_file(X509_LOOKUP *ctx, const char *file, int type);

int
X509_load_cert_crl_file(X509_LOOKUP *ctx, const char *file, int type);

() with a type of X509_FILETYPE_PEM reads one or more certificates in PEM format from the given file using PEM_read_bio_X509_AUX(3); with a type of X509_FILETYPE_ASN1, if reads one certificate in DER format using d2i_X509_bio(3). The certificates read are added to the X509_STORE memory cache object associated with the given ctx using X509_STORE_add_cert(3).

() with a type of X509_FILETYPE_PEM reads one or more certificate revocation lists in PEM format from the given file using PEM_read_bio_X509_CRL(3); with a type of X509_FILETYPE_ASN1, if reads one certificate revocation lists in DER format using d2i_X509_CRL_bio(3). The certificate revocation lists read are added to the X509_STORE memory cache object associated with the given ctx using X509_STORE_add_crl(3).

() with a type of X509_FILETYPE_PEM read one or more certificates and/or certificate revocation lists in PEM format from the given file using PEM_X509_INFO_read_bio(3) and adds them to the X509_STORE memory cache object associated with the given ctx using X509_STORE_add_cert(3) and X509_STORE_add_crl(3), respectively.

() with a type of X509_FILETYPE_ASN1 is equivalent to X509_load_cert_file() and cannot be used to read a certificate revocation list.

These functions return the number of objects loaded or 0 on error.

d2i_X509_bio(3), PEM_read_PrivateKey(3), X509_LOOKUP_new(3), X509_OBJECT_get0_X509(3), X509_STORE_load_locations(3), X509_STORE_new(3)

X509_load_cert_file() first appeared in SSLeay 0.8.0 and X509_load_crl_file() in SSLeay 0.9.0. These functions have been available since OpenBSD 2.4.

X509_load_cert_crl_file() first appeared in OpenSSL 0.9.5 and has been available since OpenBSD 2.7.

November 9, 2021 OpenBSD-current