Provided by: gnutls-doc_3.5.18-1ubuntu1.6_all bug

NAME

       gnutls_certificate_set_x509_key_file2 - API function

SYNOPSIS

       #include <gnutls/gnutls.h>

       int gnutls_certificate_set_x509_key_file2(gnutls_certificate_credentials_t res, const char
       * certfile, const char * keyfile, gnutls_x509_crt_fmt_t type, const char * pass,  unsigned
       int flags);

ARGUMENTS

       gnutls_certificate_credentials_t res
                   is a gnutls_certificate_credentials_t type.

       const char * certfile
                   is  a  file  that  containing  the  certificate  list (path) for the specified
                   private key, in PKCS7 format, or a list of certificates

       const char * keyfile
                   is a file that contains the private key

       gnutls_x509_crt_fmt_t type
                   is PEM or DER

       const char * pass
                   is the password of the key

       unsigned int flags
                   an ORed sequence of gnutls_pkcs_encrypt_flags_t

DESCRIPTION

       This function sets a certificate/private key pair in the  gnutls_certificate_credentials_t
       type.   This  function  may  be  called more than once, in case multiple keys/certificates
       exist for the server.  For clients that  need  to  send  more  than  its  own  end  entity
       certificate, e.g., also an intermediate CA cert, then the
        certfile must contain the ordered certificate chain.

       Note  that  the  names  in  the certificate provided will be considered when selecting the
       appropriate certificate to use (in case of multiple certificate/key pairs).

       This function can also accept URLs at  keyfile and  certfile . In that case  it  will  use
       the  private  key  and certificate indicated by the URLs. Note that the supported URLs are
       the ones indicated by gnutls_url_is_supported().  Before  GnuTLS  3.4.0  when  a  URL  was
       specified,  the  pass part was ignored and a PIN callback had to be registered, this is no
       longer the case in current releases.

       In case the  certfile is provided as a PKCS 11 URL, then the certificate, and its  present
       issuers in the token are imported (i.e., forming the required trust chain).

       If that function fails to load the  res structure is at an undefined state, it must not be
       reused to load other keys or certificates.

       Note that, this function by default returns zero on success and a negative value on error.
       Since     3.5.6,    when    the    flag    GNUTLS_CERTIFICATE_API_V2    is    set    using
       gnutls_certificate_set_flags() it returns an index (greater or equal to zero). That  index
       can be used to other functions to refer to the added key-pair.

RETURNS

       On success this functions returns zero, and otherwise a negative value on error (see above
       for modifying that behavior).

REPORTING BUGS

       Report bugs to <bugs@gnutls.org>.
       Home page: http://www.gnutls.org

COPYRIGHT

       Copyright © 2001-2022 Free Software Foundation, Inc., and others.
       Copying and distribution of this file, with or without modification, are permitted in  any
       medium without royalty provided the copyright notice and this notice are preserved.

SEE ALSO

       The   full   documentation  for  gnutls  is  maintained  as  a  Texinfo  manual.   If  the
       /usr/share/doc/gnutls/ directory does not contain the HTML form visit

       http://www.gnutls.org/manual/