gnutls_certificate_set_x509_key_mem2 man page

gnutls_certificate_set_x509_key_mem2 — API function


#include <gnutls/gnutls.h>

int gnutls_certificate_set_x509_key_mem2(gnutls_certificate_credentials_t res, const gnutls_datum_t * cert, const gnutls_datum_t * key, gnutls_x509_crt_fmt_t type, const char * pass, unsigned int flags);


gnutls_certificate_credentials_t res
is a gnutls_certificate_credentials_t type.
const gnutls_datum_t * cert
contains a certificate list (path) for the specified private key
const gnutls_datum_t * key
is the private key, or NULL
gnutls_x509_crt_fmt_t type
is PEM or DER
const char * pass
is the key's password
unsigned int flags
an ORed sequence of gnutls_pkcs_encrypt_flags_t


This function sets a certificate/private key pair in the gnutls_certificate_credentials_t type. This function may be called more than once, in case multiple keys/certificates exist for the server.

Note that the keyUsage ( PKIX extension in X.509 certificates is supported. This means that certificates intended for signing cannot be used for ciphersuites that require encryption.

If the certificate and the private key are given in PEM encoding then the strings that hold their values must be null terminated.

The key may be NULL if you are using a sign callback, see gnutls_sign_callback_set().


An index of the inserted certificate chain on success (greater or equal to zero), or a negative error code.

Reporting Bugs

Report bugs to <bugs@gnutls.org>.
Home page: http://www.gnutls.org

See Also

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit



gnutls 3.5.4