mirror of https://github.com/openssl/openssl.git
37933acbea
Add functions that will do the work of assigning certificate, privatekey and chain certs to an SSL or SSL_CTX. If no privatekey is given, use the publickey. This will permit the keys to pass validation for both ECDSA and RSA. If a private key has already been set for the certificate, it is discarded. A real private key can be set later. This is an all-or-nothing setting of these parameters. Unlike the SSL/SSL_CTX_use_certificate() and SSL/SSL_CTX_use_PrivateKey() functions, the existing cert or privatekey is not modified (i.e. parameters copied). This permits the existing cert/privatekey to be replaced. It replaces the sequence of: * SSL_use_certificate() * SSL_use_privatekey() * SSL_set1_chain() And may actually be faster, as multiple checks are consolidated. The private key can be NULL, if so an ENGINE module needs to contain the actual private key that is to be used. Note that ECDH (using the certificate's ECDSA key) ciphers do not work without the private key being present, based on how the private key is used in ECDH. ECDH does not offer PFS; ECDHE ciphers should be used instead. Reviewed-by: Tim Hudson <tjh@openssl.org> Reviewed-by: Ben Kaduk <kaduk@mit.edu> (Merged from https://github.com/openssl/openssl/pull/1130) |
||
|---|---|---|
| .. | ||
| HOWTO | ||
| man1 | ||
| man3 | ||
| man5 | ||
| man7 | ||
| README | ||
| dir-locals.example.el | ||
| fingerprints.txt | ||
| openssl-c-indent.el | ||
README
README This file
fingerprints.txt
PGP fingerprints of authorised release signers
standards.txt
Moved to the web, https://www.openssl.org/docs/standards.html
HOWTO/
A few how-to documents; not necessarily up-to-date
man1/
The openssl command-line tools; start with openssl.pod
man3/
The SSL library and the crypto library
man5/
File formats
man7/
Overviews; start with crypto.pod and ssl.pod, for example
Algorithm specific EVP_PKEY documentation.
Formatted versions of the manpages (apps,ssl,crypto) can be found at
https://www.openssl.org/docs/manpages.html