gnutls_certificate_set_ocsp_status_request_file(3) — Linux manual page

gnutls_certif...s_request_file(3) gnutlsgnutls_certif...s_request_file(3)

NAME         top

       gnutls_certificate_set_ocsp_status_request_file - API function

SYNOPSIS         top

       #include <gnutls/gnutls.h>

       int
       gnutls_certificate_set_ocsp_status_request_file(gnutls_certificate_credentials_t
       sc, const char * response_file, unsigned idx);

ARGUMENTS         top

       gnutls_certificate_credentials_t sc
                   is a credentials structure.

       const char * response_file
                   a filename of the OCSP response

       unsigned idx
                   is a certificate index as returned by
                   gnutls_certificate_set_key() and friends

DESCRIPTION         top

       This function loads the provided OCSP response. It will be sent to
       the client if requests an OCSP certificate status for the
       certificate chain specified by  idx .

NOTE         top

       the ability to set multiple OCSP responses per credential
       structure via the index  idx was added in version 3.5.6. To keep
       backwards compatibility, it requires using
       gnutls_certificate_set_flags() with the GNUTLS_CERTIFICATE_API_V2
       flag to make the set certificate functions return an index usable
       by this function.

       This function can be called multiple times since GnuTLS 3.6.3 when
       multiple responses which apply to the chain are available.  If the
       response provided does not match any certificates present in the
       chain, the code GNUTLS_E_OCSP_MISMATCH_WITH_CERTS is returned.  To
       revert to the previous behavior set the flag
       GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK in the certificate
       credentials structure. In that case, only the end-certificate's
       OCSP response can be set.  If the response is already expired at
       the time of loading the code GNUTLS_E_EXPIRED is returned.

       To revert to the previous behavior of this function which does not
       return any errors, set the flag
       GNUTLS_CERTIFICATE_SKIP_OCSP_RESPONSE_CHECK

RETURNS         top

       On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative
       error code is returned.

SINCE         top

       3.1.3

REPORTING BUGS         top

       Report bugs to <[email protected]>.
       Home page: https://www.gnutls.org

COPYRIGHT         top

       Copyright © 2001-2023 Free Software Foundation, Inc., and others.
       Copying and distribution of this file, with or without
       modification, are permitted in any medium without royalty provided
       the copyright notice and this notice are preserved.

SEE ALSO         top

       The full documentation for gnutls is maintained as a Texinfo
       manual.  If the /usr/share/doc/gnutls/ directory does not contain
       the HTML form visit

       https://www.gnutls.org/manual/

COLOPHON         top

       This page is part of the GnuTLS (GnuTLS Transport Layer Security
       Library) project.  Information about the project can be found at
       ⟨http://www.gnutls.org/⟩.  If you have a bug report for this
       manual page, send it to [email protected].  This page was obtained
       from the tarball fetched from
       ⟨https://www.gnupg.org/ftp/gcrypt/gnutls/⟩ on 2025-08-11.  If you
       discover any rendering problems in this HTML version of the page,
       or you believe there is a better or more up-to-date source for the
       page, or you have corrections or improvements to the information
       in this COLOPHON (which is not part of the original manual page),
       send a mail to [email protected]

gnutls                            3.8.10gnutls_certif...s_request_file(3)

HTML rendering created 2025-09-06 by Michael Kerrisk, author of The Linux Programming Interface. For details of in-depth Linux/UNIX system programming training courses that I teach, look here. Hosting by jambit GmbH.