HTML rendering created 2025-09-06 byMichael Kerrisk, author ofThe Linux Programming Interface. For details of in-depthLinux/UNIX system programming training courses that I teach, lookhere. Hosting byjambit GmbH. |  |
NAME |SYNOPSIS |ARGUMENTS |DESCRIPTION |RETURNS |SINCE |REPORTING BUGS |COPYRIGHT |SEE ALSO |COLOPHON | |
gnutls_certif...x509_key_file(3) gnutlsgnutls_certif...x509_key_file(3)gnutls_certificate_set_x509_key_file - API function
#include <gnutls/gnutls.h>intgnutls_certificate_set_x509_key_file(gnutls_certificate_credentials_tres, const char *certfile, const char *keyfile,gnutls_x509_crt_fmt_ttype);
gnutls_certificate_credentials_t res is agnutls_certificate_credentials_ttype. const char * certfile is a file that containing the certificate list (path) for the specified private key, in PKCS7 format, or a list of certificates const char * keyfile is a file that contains the private key gnutls_x509_crt_fmt_t type is PEM or DER
This function sets a certificate/private key pair in the gnutls_certificate_credentials_t type. This function may be called more than once, in case multiple keys/certificates exist for the server. For clients that need to send more than its own end entity certificate, e.g., also an intermediate CA cert, then thecertfile must contain the ordered certificate chain. Note that the names in the certificate provided will be considered when selecting the appropriate certificate to use (in case of multiple certificate/key pairs). This function can also accept URLs atkeyfile andcertfile . In that case it will use the private key and certificate indicated by the URLs. Note that the supported URLs are the ones indicated bygnutls_url_is_supported(). In case thecertfile is provided as a PKCS11URL, then the certificate, and its present issuers in the token are imported (i.e., forming the required trust chain). If that function fails to load theres structure is at an undefined state, it must not be reused to load other keys or certificates. Note that, this function by default returns zero on success and a negative value on error. Since 3.5.6, when the flagGNUTLS_CERTIFICATE_API_V2is set usinggnutls_certificate_set_flags()it returns an index (greater or equal to zero). That index can be used to other functions to refer to the added key-pair.
On success this functions returns zero, and otherwise a negative value on error (see above for modifying that behavior).
3.1.11
Report bugs to <bugs@gnutls.org>. Home page:https://www.gnutls.org
Copyright © 2001-2023 Free Software Foundation, Inc., and others. Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.
The full documentation forgnutlsis maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visithttps://www.gnutls.org/manual/
This page is part of theGnuTLS (GnuTLS Transport Layer Security Library) project. Information about the project can be found at ⟨http://www.gnutls.org/⟩. If you have a bug report for this manual page, send it to bugs@gnutls.org. This page was obtained from the tarball fetched from ⟨https://www.gnupg.org/ftp/gcrypt/gnutls/⟩ on 2025-08-11. If you discover any rendering problems in this HTML version of the page, or you believe there is a better or more up-to-date source for the page, or you have corrections or improvements to the information in this COLOPHON (which isnot part of the original manual page), send a mail to man-pages@man7.orggnutls 3.8.10gnutls_certif...x509_key_file(3)HTML rendering created 2025-09-06 byMichael Kerrisk, author ofThe Linux Programming Interface. For details of in-depthLinux/UNIX system programming training courses that I teach, lookhere. Hosting byjambit GmbH. | |