Name

ne_ssl_trust_cert, ne_ssl_trust_default_ca — functions to indicate that certificates are trusted

Synopsis

#include <ne_session.h>
void ne_ssl_trust_cert(ne_session *session,
 const ne_ssl_certificate *cert);
 
void ne_ssl_trust_default_ca(ne_session *session);
 

Description

To indicate that a given certificate is trusted by the user, the certificate object can be passed to ne_ssl_trust_cert. The certificate object is duplicated internally and can subsequently be destroyed.

The SSL library in use by neon may include a default set of CA certificates; calling the ne_ssl_trust_default_ca function will indicate that these CAs are trusted by the user.

Examples

Load the CA certificate stored in /path/to/cacert.pem:

ne_session *sess = ne_session_create(...);
ne_ssl_certificate *cert = ne_ssl_cert_read("/path/to/cacert.pem");

if (cert) {
   ne_ssl_trust_cert(sess, cert);
   ne_ssl_cert_free(cert);
} else {
   printf("Could not load CA cert: %s\n", ne_get_error(sess));
}

History

ne_ssl_trust_default_ca is not safe to call for non-SSL sessions versions of neon before 0.33.0. In 0.33.0 and later, this function is a no-op for non-SSL sessinos.

See also

ne_ssl_cert_read, ne_ssl_cert_import, ne_ssl_cert_free