gnutls_certificate_set_x509_key_mem2 (3) - Linux Manuals

gnutls_certificate_set_x509_key_mem2: API function


gnutls_certificate_set_x509_key_mem2 - API function


#include <gnutls/gnutls.h>

int gnutls_certificate_set_x509_key_mem2(gnutls_certificate_credentials_t res, const gnutls_datum_t * cert, const gnutls_datum_t * key, gnutls_x509_crt_fmt_t type, const char * pass, unsigned int flags);


gnutls_certificate_credentials_t res
is a gnutls_certificate_credentials_t structure.
const gnutls_datum_t * cert
contains a certificate list (path) for the specified private key
const gnutls_datum_t * key
is the private key, or NULL
gnutls_x509_crt_fmt_t type
is PEM or DER
const char * pass
is the key's password
unsigned int flags
an ORed sequence of gnutls_pkcs_encrypt_flags_t


This function sets a certificate/private key pair in the gnutls_certificate_credentials_t structure. This function may be called more than once, in case multiple keys/certificates exist for the server.

Note that the keyUsage ( PKIX extension in X.509 certificates is supported. This means that certificates intended for signing cannot be used for ciphersuites that require encryption.

If the certificate and the private key are given in PEM encoding then the strings that hold their values must be null terminated.

The key may be NULL if you are using a sign callback, see gnutls_sign_callback_set().


GNUTLS_E_SUCCESS (0) on success, or a negative error code.


Report bugs to <bugs [at]>.
Home page:


Copyright © 2001-2014 Free Software Foundation, Inc..
Copying and distribution of this file, with or without modification, are permitted in any medium without royalty provided the copyright notice and this notice are preserved.


The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit