Method SSL.Context()->add_cert()
- Method add_cert
voidadd_cert(Crypto.Sign.Statekey,array(string(8bit))certs,array(string(8bit))|voidextra_name_globs)
variantvoidadd_cert(string(8bit)key,array(string(8bit))certs,array(string(8bit))|voidextra_name_globs)
variantvoidadd_cert(CertificatePaircp)- Description
Add a certificate.
This function is used on both servers and clients to add a key and chain of certificates to the set of certificate candidates to use in
find_cert().On a server these are used in the normal initial handshake, while on a client they are only used if a server requests client certificate authentication.
- Parameter
key Private key matching the first certificate in
certs.Supported key types are currently:
Crypto.RSA.StateRivest-Shamir-Adelman.
Crypto.DSA.StateDigital Signing Algorithm.
Crypto.ECC.Curve.ECDSAElliptic Curve Digital Signing Algorithm.
This key MUST match the public key in the first certificate in
certs.- Parameter
certs A chain of X509.v1 or X509.v3 certificates, with the local certificate first and root-most certificate last.
- Parameter
extra_name_globs Further SNI globs (than the ones in the first certificate), that this certificate should be selected for. Typically used to set the default certificate(s) by specifying
({ "*" }).The SNI globs are only relevant for server-side certificates.
- Parameter
cp An alternative is to send an initialized CertificatePair.
- Throws
The function performs various validations of the
keyandcerts, and throws errors if the validation fails.- See also
find_cert()