NAME

       nng_tls_config_ca_chain - configure certificate authority certificate chain

SYNOPSIS

           #include <nng/nng.h>
           #include <nng/supplemental/tls/tls.h>

           int nng_tls_config_ca_chain(nng_tls_config *cfg, const char *chain, const char *crl);

DESCRIPTION

       The nng_tls_config_ca_chain() function configures a certificate or certificate chain to be used when
       validating peers using the configuration cfg.

           Note

           Certificates must be configured when using the authentication mode NNG_TLS_AUTH_MODE_REQUIRED.

           Tip

           This function may be called multiple times, to add additional chains to a configuration, without
           affecting those added previously.

       The certificates located in chain must be a zero-terminated C string in PEM
       <https://tools.ietf.org/html/rfc7468> format. Multiple certificates may appear concatenated together,
       with the leaf certificate listed first.

       The crl may be NULL, or may also be a C string containing a PEM format certificate revocation list for
       the associated authority.

RETURN VALUES

       This function returns 0 on success, and non-zero otherwise.

ERRORS

       NNG_ENOMEM
           Insufficient memory is available.

       NNG_EBUSY
           The configuration cfg is already in use, and cannot be modified.

       NNG_EINVAL
           An invalid chain or crl was supplied.

SEE ALSO

       nng_strerror(3), nng_tls_config_alloc(.3tls), nng_tls_config_auth_mode(.3tls),
       nng_tls_config_ca_file(.3tls), nng(7)

                                                   2025-04-20                      NNG_TLS_CONFIG_CA_CHAIN(3tls)