gnutls_certificate_set_ocsp_status_request_file2 - Linux
Overview
gnutls_certificate_set_ocsp_status_request_file2 sets the certificate status request file for OCSP stapling in a gnutls_certificate_credentials_t
structure. OCSP stapling allows servers to provide assurance to clients that their certificates are not revoked.
Syntax
gnutls_certificate_set_ocsp_status_request_file2(gnutls_certificate_credentials_t cred,
const char *file,
gnutls_ocsp_status_type_t type);
Options/Flags
cred
: A pointer to thegnutls_certificate_credentials_t
structure in which to set the value.file
: The path to the certificate status request file.type
: The type of OCSP status request to send:GNUTLS_OCSP_STATUS_TYPE_DEFAULT
: Default (stapled OCSP responses)GNUTLS_OCSP_STATUS_TYPE_UNVERIFIED
: Unverified OCSP responses (OCSP responses that are not TLS-signed)
Examples
Example 1: Setting a Default OCSP Status Request File
gnutls_certificate_credentials_t cred;
gnutls_certificate_set_ocsp_status_request_file2(cred, "ocsp_status_request.req", GNUTLS_OCSP_STATUS_TYPE_DEFAULT);
Example 2: Setting an Unverified OCSP Status Request File
gnutls_certificate_credentials_t cred;
gnutls_certificate_set_ocsp_status_request_file2(cred, "ocsp_status_request.req", GNUTLS_OCSP_STATUS_TYPE_UNVERIFIED);
Common Issues
- Ensure that the file is accessible and readable by the process running the command.
- The file should be in a valid request format (e.g., PEM or DER).
Integration
gnutls_certificate_set_ocsp_status_request_file2 is most commonly used in conjunction with other gnutls functions for setting up TLS/SSL connections and authenticating servers.
Related Commands
gnutls_certificate_set_ocsp_status_request_file
: Obsolete function that only supports stapled OCSP responses.gnutls_ocsp_status_request_init
: Initializes an OCSP status request.gnutls_ocsp_stapling_verify
: Verifies OCSP stapling in a TLS session.