int gnutls_certificate_set_x509_key_mem(gnutls_certificate_credentials_t res, const gnutls_datum_t * cert, const gnutls_datum_t * key, gnutls_x509_crt_fmt_t type);
- gnutls_certificate_credentials_t res
is a gnutls_certificate_credentials_t type.
- const gnutls_datum_t * cert
contains a certificate list (path) for the specified private key
- const gnutls_datum_t * key
is the private key, or NULL
- gnutls_x509_crt_fmt_t type
is PEM or DER
This function sets a certificate/private key pair in the gnutls_certificate_credentials_t type. This function may be called more than once, in case multiple keys/certificates exist for the server.
Note that the keyUsage (220.127.116.11) PKIX extension in X.509 certificates is supported. This means that certificates intended for signing cannot be used for ciphersuites that require encryption.
If the certificate and the private key are given in PEM encoding then the strings that hold their values must be null terminated.
The key may be NULL if you are using a sign callback, see gnutls_sign_callback_set().
Note that, this function by default returns zero on success and a negative value on error. Since 3.5.6, when the flag GNUTLS_CERTIFICATE_API_V2 is set using gnutls_certificate_set_flags() it returns an index (greater or equal to zero). That index can be used to other functions to refer to the added key-pair.
On success this functions returns zero, and otherwise a negative value on error (see above for modifying that behavior).
Report bugs to <email@example.com>.
Home page: https://www.gnutls.org
Copyright © 2001-2023 Free Software Foundation, Inc., and others.
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.
The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit