Specifies certificates for an SSL connection.
comm
ssl-connection-read-certificates connection key-file &key cert-file password password-callback keychain keychain-password keychain-reset
connection | An SSL connection (socket-stream or async-io-state).
key-file | nil or a pathname designator for a PEM file.
cert-file | nil or a pathname designator for a PEM file.
password | nil or a string.
password-callback | nil or a function designator symbol taking one argument.
keychain | A pathname designator, :temp, :default, nil or a keychain object (Apple specific).
keychain-password | nil or a string (Apple specific).
keychain-reset | A boolean (Apple specific).
The function ssl-connection-read-certificates specifies certificate(s) and a key for an SSL connection.
connection must be an SSL connection (a socket-stream or an async-io-state) that has SSL attached to it.
key-file, cert-file, password, password-callback, keychain, keychain-password and keychain-reset are used to read certificate(s) and a key as described in create-ssl-server-context.
For the OpenSSL implementation, ssl-connection-read-certificates is available only with OpenSSL 1.1 or later.
If you always use the same certificate(s), then it is better to create an ssl-abstract-context by calling create-ssl-server-context or create-ssl-client-context and specify the certificate arguments at that time. This is not only more convenient, but is also more efficient in repeated use. ssl-connection-read-certificates is needed in cases when you decide which certificate(s) to use after starting the handshake, inside client-hello-callback of create-ssl-server-context or cert-request-callback of create-ssl-client-context.
ssl-connection-read-certificates is not implemented for streams using Java sockets (opened by open-tcp-stream-using-java).
For examples of using ssl-connection-read-certificates, see:
(example-edit-file "ssl/ssl-certificates")
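The following sketch is an added example, not code from the LispWorks manual or its example files. It shows one way to pick a key and certificate per requested host name and attach them with ssl-connection-read-certificates, failing closed when nothing usable matches. Assumptions: the caller (for instance a client-hello-callback) already has the host name the peer asked for, which this page does not cover; the PEM key files need no password; and *host-certificates*, the helper function names and the file paths are hypothetical.

```lisp
;; Added example. *HOST-CERTIFICATES*, the helper names and the file paths
;; are hypothetical and constructed for illustration.
(defparameter *host-certificates*
  ;; Each entry is (pattern key-file cert-file).
  ;; A leading "*." matches exactly one leftmost label.
  '(("www.example.test"   "/etc/tls/www.key.pem" "/etc/tls/www.cert.pem")
    ("*.api.example.test" "/etc/tls/api.key.pem" "/etc/tls/api.cert.pem")))

(defun normalize-host (name)
  "Lower-case NAME and drop trailing dots, so lookups are case-insensitive."
  (string-downcase (string-right-trim "." name)))

(defun host-matches-p (pattern host)
  "True for an exact match, or for a \"*.\" pattern covering one label only."
  (if (and (> (length pattern) 2) (string= "*." pattern :end2 2))
      (let ((dot (position #\. host)))
        ;; Compare everything from the first dot of HOST with the pattern
        ;; minus its "*", so "a.b.api.example.test" does not match.
        (and dot (> dot 0)
             (string= host pattern :start1 dot :start2 1)))
      (string= pattern host)))

(defun select-certificate-for-host (host)
  "Return (values key-file cert-file) for HOST, or NIL when nothing matches."
  (let ((entry (find (normalize-host host) *host-certificates*
                     :key #'first
                     :test (lambda (h pattern) (host-matches-p pattern h)))))
    (when entry
      (values (second entry) (third entry)))))

(defun read-certificates-for-host (connection host)
  "Attach the key and certificate chosen for HOST to CONNECTION.
Signals an error instead of continuing without a certificate."
  (multiple-value-bind (key-file cert-file)
      (select-certificate-for-host host)
    (unless (and key-file (probe-file key-file) (probe-file cert-file))
      (error "No usable key/certificate pair for host ~S" host))
    ;; key-file is the second required argument; cert-file is a keyword.
    (comm:ssl-connection-read-certificates connection key-file
                                           :cert-file cert-file)))
```

When the certificate set never changes per connection, passing the files to create-ssl-server-context instead remains the more efficient choice, as stated above.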
LispWorks® User Guide and Reference Manual - 01 Dec 2021 19:30:26