1=pod 2 3=head1 NAME 4 5SSL_CTX_load_verify_locations - set default locations for trusted CA 6certificates 7 8=head1 SYNOPSIS --- 44 unchanged lines hidden (view full) --- 53do not match, the next certificate will be tried. If a first certificate 54matching the parameters is found, the verification process will be performed; 55no other certificates for the same parameters will be searched in case of 56failure. 57 58In server mode, when requesting a client certificate, the server must send 59the list of CAs of which it will accept client certificates. This list 60is not influenced by the contents of B<CAfile> or B<CApath> and must |
61explicitly be set using the |
62L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)> 63family of functions. 64 65When building its own certificate chain, an OpenSSL client/server will 66try to fill in missing certificates from B<CAfile>/B<CApath>, if the 67certificate chain was not explicitly specified (see 68L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>, 69L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>. --- 43 unchanged lines hidden (view full) --- 113=back 114 115=head1 SEE ALSO 116 117L<ssl(3)|ssl(3)>, 118L<SSL_CTX_set_client_CA_list(3)|SSL_CTX_set_client_CA_list(3)>, 119L<SSL_get_client_CA_list(3)|SSL_get_client_CA_list(3)>, 120L<SSL_CTX_use_certificate(3)|SSL_CTX_use_certificate(3)>, |
121L<SSL_CTX_add_extra_chain_cert(3)|SSL_CTX_add_extra_chain_cert(3)>, 122L<SSL_CTX_set_cert_store(3)|SSL_CTX_set_cert_store(3)> |
123 |
124=cut |