gnutls_certificate_set_flags - Linux
Overview
gnutls_certificate_set_flags()
sets the flags in a certificate. This function can be used to set various options, such as whether the certificate is trusted or not.
Syntax
gnutls_certificate_set_flags(certificate, flags);
- certificate: Pointer to the certificate to set the flags of.
- flags: The flags to set in the certificate.
Options/Flags
The following flags can be set in a certificate:
GNUTLS_CERT_INVALID
: The certificate is invalid.GNUTLS_CERT_SIGNER_ERROR
: The certificate was signed by an untrusted signer.GNUTLS_CERT_NOT_TRUSTED
: The certificate is not trusted.GNUTLS_CERT_REVOKED
: The certificate has been revoked.GNUTLS_CERT_INSECURE_ALGORITHM
: The certificate uses an insecure algorithm.GNUTLS_CERT_EXPIRED
: The certificate has expired.GNUTLS_CERT_NOT_YET_VALID
: The certificate is not yet valid.GNUTLS_CERT_NO_CRL
: The certificate does not have a corresponding CRL.GNUTLS_CERT_NO_OCSP
: The certificate does not have a corresponding OCSP responder.GNUTLS_CERT_IMPORTED
: The certificate has been imported from a file.
Examples
The following code sets the GNUTLS_CERT_INVALID
flag in a certificate:
gnutls_certificate_set_flags(certificate, GNUTLS_CERT_INVALID);
The following code sets the GNUTLS_CERT_NOT_TRUSTED
and GNUTLS_CERT_EXPIRED
flags in a certificate:
gnutls_certificate_set_flags(certificate, GNUTLS_CERT_NOT_TRUSTED | GNUTLS_CERT_EXPIRED);
Common Issues
One common issue that can occur when setting the flags in a certificate is that the flags may not be set correctly. This can happen if the flags are not set in the correct order, or if the flags are set to an invalid value.
Integration
gnutls_certificate_set_flags()
can be used in conjunction with other GnuTLS functions to manage certificates. For example, gnutls_certificate_get_flags()
can be used to get the flags that are currently set in a certificate.
Related Commands
gnutls_certificate_get_flags()
gnutls_certificate_set_ocsp_responder()
gnutls_certificate_set_crl()