gnutls_store_pubkey man page

gnutls_store_pubkey — API function


#include <gnutls/gnutls.h>

int gnutls_store_pubkey(const char * db_name, gnutls_tdb_t tdb, const char * host, const char * service, gnutls_certificate_type_t cert_type, const gnutls_datum_t * cert, time_t expiration, unsigned int flags);


const char * db_name
A file specifying the stored keys (use NULL for the default)
gnutls_tdb_t tdb
A storage structure or NULL to use the default
const char * host
The peer's name
const char * service
non-NULL if this key is specific to a service (e.g. http)
gnutls_certificate_type_t cert_type
The type of the certificate
const gnutls_datum_t * cert
The data of the certificate
time_t expiration
The expiration time (use 0 to disable expiration)
unsigned int flags
should be 0.


This function will store the provided (raw or DER-encoded) certificate to the list of stored public keys. The key will be considered valid until the provided expiration time.

The store variable if non-null specifies a custom backend for the storage of entries. If it is NULL then the default file backend will be used.

Unless an alternative tdb is provided, the storage format is a textual format consisting of a line for each host with fields separated by '|'. The contents of the fields are a format-identifier which is set to 'g0', the hostname that the rest of the data applies to, the numeric port or host name, the expiration time in seconds since the epoch (0 for no expiration), and a base64 encoding of the raw (DER) public key information (SPKI) of the peer.


On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.



Reporting Bugs

Report bugs to <>.
Home page:

See Also

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit


3.5.8 gnutls gnutls