Method SSL.Context()->add_cert()
- Method add_cert
void
add_cert(Crypto.Sign.State
key
,array
(string(8bit)
)certs
,array
(string(8bit)
)|void
extra_name_globs
)
variant
void
add_cert(string(8bit)
key
,array
(string(8bit)
)certs
,array
(string(8bit)
)|void
extra_name_globs
)
variant
void
add_cert(CertificatePair
cp
)- Description
Add a certificate.
This function is used on both servers and clients to add a key and chain of certificates to the set of certificate candidates to use in
find_cert()
.On a server these are used in the normal initial handshake, while on a client they are only used if a server requests client certificate authentication.
- Parameter
key
Private key matching the first certificate in
certs
.Supported key types are currently:
Crypto.RSA.State
Rivest-Shamir-Adelman.
Crypto.DSA.State
Digital Signing Algorithm.
Crypto.ECC.Curve.ECDSA
Elliptic Curve Digital Signing Algorithm.
This key MUST match the public key in the first certificate in
certs
.- Parameter
certs
A chain of X509.v1 or X509.v3 certificates, with the local certificate first and root-most certificate last.
- Parameter
extra_name_globs
Further SNI globs (than the ones in the first certificate), that this certificate should be selected for. Typically used to set the default certificate(s) by specifying
({ "*" })
.The SNI globs are only relevant for server-side certificates.
- Parameter
cp
An alternative is to send an initialized CertificatePair.
- Throws
The function performs various validations of the
key
andcerts
, and throws errors if the validation fails.- See also
find_cert()