1 <refentry id="refsslca"> 2 3 <refmeta> 4 <refentrytitle>ne_ssl_load_ca</refentrytitle> 5 <manvolnum>3</manvolnum> 6 </refmeta> 7 8 <refnamediv> 9 <refname id="ne_ssl_load_ca">ne_ssl_load_ca</refname> 10 <refname id="ne_ssl_load_default_ca">ne_ssl_load_default_ca</refname> 11 <refpurpose>load SSL Certificate Authorities</refpurpose> 12 </refnamediv> 13 14 <refsynopsisdiv> 15 16 <funcsynopsis> 17 18 <funcsynopsisinfo>#include <ne_session.h></funcsynopsisinfo> 19 20 <funcprototype> 21 <funcdef>int <function>ne_ssl_load_ca</function></funcdef> 22 <paramdef>ne_session *<parameter>session</parameter></paramdef> 23 <paramdef>const char *<parameter>filename</parameter></paramdef> 24 </funcprototype> 25 26 <funcprototype> 27 <funcdef>int <function>ne_ssl_load_default_ca</function></funcdef> 28 <paramdef>ne_session *<parameter>session</parameter></paramdef> 29 </funcprototype> 30 31 </funcsynopsis> 32 33 </refsynopsisdiv> 34 35 <refsect1> 36 <title>Description</title> 37 38 <para>To indicate that a given CA certificate is trusted by the user, 39the certificate can be loaded using the <function>ne_ssl_load_ca</function> 40function. The <parameter>filename</parameter> parameter given must specify 41the location of a PEM-encoded CA certificate.</para> 42 43 <para>The SSL library in use by neon may include a default set 44of CA certificates; calling the 45<function>ne_ssl_load_default_ca</function> function will indicate 46that these CAs are trusted by the user.</para> 47 48 <para>If no CA certificates are loaded, or the server presents 49a certificate which is invalid in some way, then the certificate must 50be manually verified (see <xref linkend="ne_ssl_set_verify"/>), otherwise the 51connection will fail.</para> 52 53 </refsect1> 54 55 <refsect1> 56 <title>Return value</title> 57 58 <para>Both <function>ne_ssl_load_ca</function> and 59<function>ne_ssl_load_default_ca</function> functions return 60<literal>0</literal> on success, or non-zero on failure.</para> 61 62 </refsect1> 63 64 <refsect1> 65 <title>Examples</title> 66 67 <para>Load the CA certificate stored in <filename>/path/to/cacert.pem</filename>:</para> 68 <programlisting>&egsess; 69 70if (ne_ssl_load_ca(sess, "/path/to/cacert.pem")) { 71 printf("Could not load CA cert: %s\n", ne_get_error(sess)); 72}</programlisting> 73 </refsect1> 74 75 <refsect1> 76 <title>See also</title> 77 78 <para><xref linkend="ne_get_error"/>, <xref 79 linkend="ne_ssl_set_verify"/></para> </refsect1> 80 81 </refentry> 82