X509_load_http.3ossl - Man Page

certificate and CRL loading functions

Synopsis

 #include <openssl/x509.h>

 X509 *X509_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);
 X509_CRL *X509_CRL_load_http(const char *url, BIO *bio, BIO *rbio, int timeout);

Deprecated since OpenSSL 3.0, can be hidden entirely by defining OPENSSL_API_COMPAT with a suitable version value, see openssl_user_macros(7):

 #define X509_http_nbio(rctx, pcert)
 #define X509_CRL_http_nbio(rctx, pcrl)

Description

X509_load_http() and X509_CRL_load_http() loads a certificate or a CRL, respectively, in ASN.1 format using HTTP from the given url.

If bio is given and rbio is NULL then this BIO is used instead of an internal one for connecting, writing the request, and reading the response. If both bio and rbio are given (which may be memory BIOs, for instance) then no explicit connection is attempted, bio is used for writing the request, and rbio for reading the response.

If the timeout parameter is > 0 this indicates the maximum number of seconds to wait until the transfer is complete. A value of 0 enables waiting indefinitely, while a value < 0 immediately leads to a timeout condition.

X509_http_nbio() and X509_CRL_http_nbio() are macros for backward compatibility that have the same effect as the functions above but with infinite timeout and without the possibility to specify custom BIOs.

Return Values

On success the function yield the loaded value, else NULL. Error conditions include connection/transfer timeout, parse errors, etc.

See Also

OSSL_HTTP_get(3)

History

X509_load_http() and X509_CRL_load_http() were added in OpenSSL 3.0. X509_http_nbio() and X509_CRL_http_nbio() were deprecated in OpenSSL 3.0.

Referenced By

migration_guide.7ossl(7).

The man pages X509_CRL_http_nbio.3ossl(3), X509_CRL_load_http.3ossl(3) and X509_http_nbio.3ossl(3) are aliases of X509_load_http.3ossl(3).

2021-09-09 3.0.0 OpenSSL