Manipulating TLS Contexts

TLS_CONTEXT  *new_tls_context (const char *ca_certfile,
        const char *ca_certdir, const char *certfile,
        const char *keyfile, const char *dhfile, bool verify_peer);

Allocates and initalizes a new opaque TLS_CONTEXT structure. The TLS_CONTEXT structure maintains default TLS settings from which TLS_CONNECTION structures are instantiated. In the future the TLS_CONTEXT structure may be used to maintain the TLS session cache. ca_certfile and ca_certdir arguments are used to initialize the CA verification stores. The certfile and keyfile arguments are used to initialize the local certificate and private key. If dhfile is non-NULL, it is used to initialize Diffie-Hellman ephemeral keying. If verify_peer is true, client certificate validation is enabled.

void free_tls_context (TLS_CONTEXT *ctx);

Deallocated a previously allocated TLS_CONTEXT structure.

See also

• Library Initialization and Cleanup

• Performing Post-Connection Verification

• Manipulating TLS Connections

Possible Next Steps

Go back to TLS API Implementation.

Go back to TLS.

Go back to Developer Guide.

See also

Previous articles:

• Performing Post-Connection Verification

Next articles:

• Manipulating TLS Connections

• Library Initialization and Cleanup

Go back to: TLS API Implementation.