Searched refs:certificates (Results 1 – 25 of 340) sorted by relevance
12345678910>>...14
| /third_party/openssl/doc/man3/ |
| D | SSL_CTX_load_verify_locations.pod | 7 default locations for trusted CA certificates
25 which CA certificates for verification purposes are located. The certificates
29 which CA certificates are loaded should be used. There is one default directory
30 and one default file. The default CA certificates directory is called "certs" in
32 variable can be defined to override this location. The default CA certificates
46 If B<CAfile> is not NULL, it points to a file of CA certificates in PEM
47 format. The file can contain several CA certificates identified by
53 sequences. Before, between, and after the certificates text is allowed
54 which can be used e.g. for descriptions of the certificates.
59 If B<CApath> is not NULL, it points to a directory containing CA certificates
[all …]
|
| D | SSL_CTX_add_extra_chain_cert.pod | 6 extra chain certificates
18 certificates associated with B<ctx>. Several certificates can be added one
21 SSL_CTX_clear_extra_chain_certs() clears all extra chain certificates
28 When sending a certificate chain, extra chain certificates are sent in order
32 available CA certificates in the trusted CA storage, see
41 Only one set of extra chain certificates can be specified per SSL_CTX
42 structure. Different chains for different certificates (for example if both
43 RSA and DSA certificates are specified by the same server) or different SSL
|
| D | X509_STORE_add_cert.pod | 36 holding information about X.509 certificates and CRLs, and constructing
37 and validating chains of certificates terminating in trusted roots.
39 with large numbers of certificates, and a great deal of flexibility in
43 no information about trusted certificates or where such certificates
45 certificates will be added to the B<X509_STORE> to prepare it for use,
53 certificate to be verified and an additional set of untrusted certificates
55 certificates included in the B<X509_STORE> are certificates that represent
57 OpenSSL represents these trusted certificates internally as B<X509> objects
60 The public interfaces that operate on such trusted certificates still
82 to specify just a file, just a directory, or both paths. The certificates
[all …]
|
| D | SSL_load_client_CA_file.pod | 23 SSL_load_client_CA_file() reads certificates from I<file> and returns
26 SSL_add_file_cert_subjects_to_stack() reads certificates from I<file>,
29 SSL_add_dir_cert_subjects_to_stack() reads certificates from every
35 SSL_load_client_CA_file() reads a file of PEM formatted certificates and
36 extracts the X509_NAMES of the certificates found. While the name suggests
39 it is not limited to CA certificates.
53 Pointer to the subject names of the successfully read certificates.
|
| D | PKCS7_verify.pod | 19 structure to verify. B<certs> is a set of certificates in which to search for
28 PKCS7_get0_signers() retrieves the signer's certificates from B<p7>, it does
45 An attempt is made to locate all the signer's certificates, first looking in
46 the B<certs> parameter (if it is not B<NULL>) and then looking in any certificates
47 contained in the B<p7> structure itself. If any signer's certificates cannot be
51 the supplied trusted certificate store. Any internal certificates in the message
63 If B<PKCS7_NOINTERN> is set the certificates in the message itself are not
65 certificates must be in the B<certs> parameter.
71 If B<PKCS7_NOVERIFY> is set the signer's certificates are not chain verified.
73 If B<PKCS7_NOCHAIN> is set then the certificates contained in the message are
[all …]
|
| D | CMS_verify.pod | 19 structure to verify. B<certs> is a set of certificates in which to search for
40 certificates contained in the B<cms> structure itself. If any signing
44 the supplied trusted certificate store. Any internal certificates in the message
57 If B<CMS_NOINTERN> is set the certificates in the message itself are not
59 signing certificates must be in the B<certs> parameter.
68 If B<CMS_NO_SIGNER_CERT_VERIFY> is set the signing certificates are not
79 a small number of certificates. The acceptable certificates would be passed
81 certificates supplied in B<certs> then the verify will fail because the
85 certificates are not appropriate: for example an application may wish to
86 lookup certificates in a database or perform customised verification. This
[all …]
|
| D | X509_LOOKUP_hash_dir.pod | 33 Internally loading of certificates and CRLs is implemented via functions
37 B<FILETYPE_DEFAULT>. They load certificates and/or CRLs from specified
64 The B<X509_LOOKUP_file> method loads all the certificates or CRLs
68 File format is ASCII text which contains concatenated PEM certificates
77 certificates and CRLs on demand, and caches them in memory once
86 to the subject name for certificates or issuer name for CRLs.
98 certificates with same subject name hash value.
99 For example, it is possible to have in the store several certificates with same
104 loaded, hash_dir lookup method checks only for certificates with
|
| D | X509_STORE_CTX_new.pod | 76 certificates (which will be untrusted but may be used to build the chain) in
80 X509_STORE_CTX_set0_trusted_stack() sets the set of trusted certificates of
81 B<ctx> to B<sk>. This is an alternative way of specifying trusted certificates
104 stack of untrusted certificates associated with B<ctx>.
107 of untrusted certificates associated with B<ctx> to B<sk>.
116 X509_STORE_CTX_get_num_untrusted() returns the number of untrusted certificates
131 X509 certificates may contain information about what purposes keys contained
134 certificate itself. In addition the trust store containing trusted certificates
135 can declare what purposes we trust different certificates for. This "trust"
156 the key usage declared within certificates in the chain being verified is
[all …]
|
| D | SSL_CTX_use_certificate.pod | 54 These functions load the certificates and private keys into the SSL_CTX
57 The SSL_CTX_* class of functions loads the certificates and keys into the
62 The SSL_* class of functions only loads certificates and keys into a
68 certificates needed to form the complete certificate chain can be
85 B<file> into B<ctx>. The certificates must be in PEM format and must
87 certificate), followed by intermediate CA certificates if applicable, and
144 When reading certificates and private keys from file, files of type
151 in the file to the certificate store. The other certificates are added
152 to the store of chain certificates using L<SSL_CTX_add1_chain_cert(3)>. Note: versions of OpenSSL b…
160 If additional certificates are needed to complete the chain during the
[all …]
|
| D | SSL_CTX_set_cert_store.pod | 30 In order to verify the certificates presented by the peer, trusted CA
31 certificates must be accessed. These CA certificates are made available
33 the X509_STORE_CTX used when verifying certificates is created.
62 certificates and building certificate chains, it is also shared by
|
| D | X509_VERIFY_PARAM_set_flags.pod | 105 That is the maximum number of intermediate CA certificates that can appear in a
107 A maximal depth chain contains 2 more certificates than the limit, since
119 For a certificate chain to validate, the public keys of all the certificates
151 issuer certificates apply to the subject CommonName as well as the subject
157 issuer certificates will not be applied to the subject DN.
235 any unhandled critical extensions in certificates or (if checked) CRLs results
242 certificates and makes the verification strictly apply B<X509> rules.
279 in L<X509_verify_cert(3)> will search the trust store for issuer certificates
280 before searching the provided untrusted certificates.
281 Local issuer certificates are often more likely to satisfy local security
[all …]
|
| D | SSL_CTX_set_cert_cb.pod | 26 the passed B<ssl> structure and set or clear any appropriate certificates. If
27 the callback is successful it B<MUST> return 1 even if no certificates have
41 It can add intermediate and optionally the root CA certificates using
44 It might also call SSL_certs_clear() to delete any certificates associated
58 Normal server sanity checks are performed on any certificates set
|
| D | CMS_add0_cert.pod | 25 CMS_get1_certs() returns all certificates in B<cms>.
35 For signed data certificates and CRLs are added to the B<certificates> and
51 CMS_get1_certs() and CMS_get1_crls() return the STACK of certificates or CRLs
|
| D | PKCS12_parse.pod | 20 certificate to B<*cert> and any additional certificates to B<*ca>.
25 which case additional certificates will be discarded. B<*ca> can also be a
26 valid STACK in which case additional certificates are appended to B<*ca>. If
55 certificates. Other attributes are discarded.
|
| /third_party/openssl/demos/certs/ |
| D | README | 1 There is often a need to generate test certificates automatically using
3 CA certificates, obsolete V1 certificates or duplicate serial numbers.
6 The mkcerts.sh script is an example of how to generate certificates
8 signed by the root and several certificates signed by the intermediate CA.
11 certificates and generates a CRL. Then one certificate is revoked and a
15 client certificates.
17 The script ocspquery.sh queries the status of the certificates using the
|
| /third_party/openssl/doc/man1/ |
| D | crl2pkcs7.pod | 6 crl2pkcs7 - Create a PKCS#7 structure from a CRL and certificates
22 certificates and converts them into a PKCS#7 degenerate "certificates
57 Specifies a filename containing one or more certificates in B<PEM> format.
58 All certificates in the file will be added to the PKCS#7 structure. This
59 option can be used more than once to read certificates from multiple
76 different certificates:
84 just certificates and an optional CRL.
86 This utility can be used to send certificates and CAs to Netscape as part of
91 install user certificates and CAs in MSIE using the Xenroll control.
|
| D | verify.pod | 6 verify - Utility to verify certificates
54 [certificates]
70 A B<file> of trusted certificates.
71 The file should contain one or more certificates in PEM format.
75 A directory of trusted certificates. The certificates should have names
79 create symbolic links to a directory of certificates.
83 Do not load the trusted CA certificates from the default file location.
87 Do not load the trusted CA certificates from the default directory location.
91 Allow the verification of proxy certificates.
124 Checks the validity of B<all> certificates in the chain by attempting
[all …]
|
| D | nseq.pod | 19 sequence and prints out the certificates contained in it or takes a
20 file of certificates and converts it into a Netscape certificate
43 is the certificates contained in it. With the B<-toseq> option the
45 a file of certificates.
51 Output the certificates in a Netscape certificate sequence
68 certificates are sent to the browser: for example during certificate enrollment.
|
| D | pkcs12.pod | 75 The filename to write certificates and private keys to, standard output by
95 This option inhibits output of the keys and certificates to the output file
100 Only output client certificates (not CA certificates).
104 Only output CA certificates (not client certificates).
108 No certificates at all will be output.
176 The filename to read certificates and private keys from, standard input by
179 certificates are present they will also be included in the PKCS#12 file.
195 A filename to read additional certificates from.
199 This specifies the "friendly name" for other certificates. This option may be
200 used multiple times to specify names for all certificates in the order they
[all …]
|
| /third_party/node/doc/guides/ |
| D | maintaining-root-certs.md | 1 # Maintaining the root certificates
3 Node.js contains a compiled-in set of root certificates used as trust anchors
6 The certificates come from Mozilla, specifically NSS's `certdata.txt` file.
8 The PEM encodings of the certificates are converted to C strings, and committed
13 Root certificates should be updated sometime after Mozilla makes an NSS release,
98 crypto: update root certificates
100 Update the list of root certificates in src/node_root_certs.h with
|
| /third_party/openssl/doc/man7/ |
| D | proxy-certificates.pod | 7 proxy-certificates - Proxy certificates in OpenSSL
11 Proxy certificates are defined in RFC 3820. They are used to
43 OpenSSL expects applications that want to use proxy certificates to be
55 =head2 Creating proxy certificates
57 Creating proxy certificates can be done using the L<openssl-x509(1)>
137 rights by checking the rights against the chain of proxy certificates,
138 user certificate and CA certificates.
216 * ok is 1, the certificates are checked from top to
220 * certificates.
326 certificates checked properly, using the code above:
[all …]
|
| /third_party/curl/docs/ |
| D | SSLCERTS.md | 16 certificates. If you're not sure, then run "curl -V" and read the results. If
25 server certificates you see are valid. They're signed by one of the CAs you
42 certificates that are signed by CAs present in the store, you can be sure
67 certificates need to be concatenated in PEM format into this file.
70 certificates need to be stored as individual PEM files in this directory.
125 certificate that isn't signed by one of the certificates in the installed CA
154 use the certificates that are built into the OS. These are the same
155 certificates that appear in the Internet Options control panel (under Windows)
157 certificates will be honored.
159 Schannel will run CRL checks on certificates unless peer verification is
[all …]
|
| /third_party/glib/gio/tests/ |
| D | socket-client.c | 71 GList *c, *certificates; in lookup_client_certificate() local
81 certificates = g_tls_database_lookup_certificates_issued_by (database, l->data, in lookup_client_certificate()
88 if (certificates) in lookup_client_certificate()
89 certificate = g_object_ref (certificates->data); in lookup_client_certificate()
91 for (c = certificates; c != NULL; c = g_list_next (c)) in lookup_client_certificate()
93 g_list_free (certificates); in lookup_client_certificate()
|
| /third_party/libwebsockets/scripts/ |
| D | travis_install.sh | 21 sudo update-ca-certificates
31 sudo update-ca-certificates
41 sudo update-ca-certificates
|
| /third_party/mbedtls/tests/data_files/dir-maxpath/ |
| D | Readme.txt | 1 These certificates form a very long chain, used to test the
10 Those certificates were generated by tests/data_files/dir-maxpath/long.sh.
|
12345678910>>...14