NSSLAddServerPKIExternal

Syntax

#include <cafe.h>
#include <cafe/nssl/nsslclient.h>

NSSL_RVAL NSSLAddServerPKIExternal(NSSLContextHandle context,
                                   const u8* pServerCert,
                                   int serverCertLen,
				   NSSLCertType serverCertType);

Parameters

context The context for which the certificate is to be added.
pServerCert Certificate buffer. The buffer size and address should be aligned to NSSL_IO_BUFFER_ALIGN.
serverCertLen Certificate buffer length (max size 4KB).
serverCertType Type of the certificate. Currently, only NSSL_CERT_TYPE_DER is supported. pServerCert should contain a certificate in DER format.

Return Values

NSSL_RVAL_OK on success, error code of type NSSL_RVAL on failure.

Description

Adds a trusted CA certificate to be used to verify the peer certificate. The certificate is used for all the connections created under the context. NSSLAddServerPKIExternal can be called multiple times for a context to add multiple trusted issuer certificates. An application can add maximum of 70 external certificates combined to all the contexts it creates (Adding more external certificates will result in NSSL_RVAL_PROC_MAX_EXT_CERTS error).

Do Not Call From

Callbacks Do not call this function from any callback function.
Interrupt handler Do not call this function from any interrupt handler.
Exception handler Do not call this function from any exception handler.

See Also

NSSLSetClientPKIExternal
NSSLAddServerPKI
NSSLSetClientPKIExternal
NSSLAddServerPKIGroups

Revision History

2012/08/16 Cleanup pass.
2012/04/06 Initial version.


CONFIDENTIAL