Automatically generated by Pod::Man 4.14 (Pod::Simple 3.42)

Standard preamble:
========================================================================
..

..

.. Set up some character translations and predefined strings. \*(-- will
give an unbreakable dash, \*(PI will give pi, \*(L" will give a left
double quote, and \*(R" will give a right double quote. \*(C+ will
give a nicer C++. Capital omega is used to do unbreakable dashes and
therefore won't be available. \*(C` and \*(C' expand to `' in nroff,
nothing in troff, for use with C<>.
.tr \(*W- . ds -- \(*W- . ds PI pi . if (\n(.H=4u)&(1m=24u) .ds -- \(*W\h'-12u'\(*W\h'-12u'-\" diablo 10 pitch . if (\n(.H=4u)&(1m=20u) .ds -- \(*W\h'-12u'\(*W\h'-8u'-\" diablo 12 pitch . ds L" "" . ds R" "" . ds C` "" . ds C' "" 'br\} . ds -- \|\(em\| . ds PI \(*p . ds L" `` . ds R" '' . ds C` . ds C' 'br\}
Escape single quotes in literal strings from groff's Unicode transform.

If the F register is >0, we'll generate index entries on stderr for
titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
entries marked with X<> in POD. Of course, you'll have to process the
output yourself in some meaningful fashion.

Avoid warning from groff about undefined register 'F'.
.. .nr rF 0 . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF Fear. Run. Save yourself. No user-serviceable parts.
. \" fudge factors for nroff and troff . ds #H 0 . ds #V .8m . ds #F .3m . ds #[ \f1 . ds #] .\} . ds #H ((1u-(\\\\n(.fu%2u))*.13m) . ds #V .6m . ds #F 0 . ds #[ \& . ds #] \& .\} . \" simple accents for nroff and troff . ds ' \& . ds ` \& . ds ^ \& . ds , \& . ds ~ ~ . ds / .\} . ds ' \\k:\h'-(\\n(.wu*8/10-\*(#H)'\'\h"|\\n:u" . ds ` \\k:\h'-(\\n(.wu*8/10-\*(#H)'\`\h'|\\n:u' . ds ^ \\k:\h'-(\\n(.wu*10/11-\*(#H)'^\h'|\\n:u' . ds , \\k:\h'-(\\n(.wu*8/10)',\h'|\\n:u' . ds ~ \\k:\h'-(\\n(.wu-\*(#H-.1m)'~\h'|\\n:u' . ds / \\k:\h'-(\\n(.wu*8/10-\*(#H)'\z\(sl\h'|\\n:u' .\} . \" troff and (daisy-wheel) nroff accents . \" corrections for vroff . \" for low resolution devices (crt and lpr) \{\ . ds : e . ds 8 ss . ds o a . ds d- d\h'-1'\(ga . ds D- D\h'-1'\(hy . ds th \o'bp' . ds Th \o'LP' . ds ae ae . ds Ae AE .\} ========================================================================

Title "SSL_CTX_ADD_EXTRA_CHAIN_CERT 3ossl" For nroff, turn off justification. Always turn off hyphenation; it makes
way too many mistakes in technical documents.
SSL_CTX_add_extra_chain_cert, SSL_CTX_get_extra_chain_certs, SSL_CTX_get_extra_chain_certs_only, SSL_CTX_clear_extra_chain_certs \- add, get or clear extra chain certificates Header "SYNOPSIS" .Vb 1 #include <openssl/ssl.h> \& long SSL_CTX_add_extra_chain_cert(SSL_CTX *ctx, X509 *x509); long SSL_CTX_get_extra_chain_certs(SSL_CTX *ctx, STACK_OF(X509) **sk); long SSL_CTX_get_extra_chain_certs_only(SSL_CTX *ctx, STACK_OF(X509) **sk); long SSL_CTX_clear_extra_chain_certs(SSL_CTX *ctx); .Ve Header "DESCRIPTION" \fBSSL_CTX_add_extra_chain_cert() adds the certificate x509 to the extra chain certificates associated with ctx. Several certificates can be added one after another.

\fBSSL_CTX_get_extra_chain_certs() retrieves the extra chain certificates associated with ctx, or the chain associated with the current certificate of ctx if the extra chain is empty. The returned stack should not be freed by the caller.

\fBSSL_CTX_get_extra_chain_certs_only() retrieves the extra chain certificates associated with ctx. The returned stack should not be freed by the caller.

\fBSSL_CTX_clear_extra_chain_certs() clears all extra chain certificates associated with ctx.

These functions are implemented as macros.

Header "NOTES" When sending a certificate chain, extra chain certificates are sent in order following the end entity certificate.

If no chain is specified, the library will try to complete the chain from the available \s-1CA\s0 certificates in the trusted \s-1CA\s0 storage, see \fBSSL_CTX_load_verify_locations\|(3).

The x509 certificate provided to SSL_CTX_add_extra_chain_cert() will be freed by the library when the \s-1SSL_CTX\s0 is destroyed. An application \fBshould not free the x509 object.

Header "RESTRICTIONS" Only one set of extra chain certificates can be specified per \s-1SSL_CTX\s0 structure. Different chains for different certificates (for example if both \s-1RSA\s0 and \s-1DSA\s0 certificates are specified by the same server) or different \s-1SSL\s0 structures with the same parent \s-1SSL_CTX\s0 cannot be specified using this function. For more flexibility functions such as SSL_add1_chain_cert() should be used instead. Header "RETURN VALUES" \fBSSL_CTX_add_extra_chain_cert() and SSL_CTX_clear_extra_chain_certs() return 1 on success and 0 for failure. Check out the error stack to find out the reason for failure. Header "SEE ALSO" \fBssl\|(7), \fBSSL_CTX_use_certificate\|(3), \fBSSL_CTX_set_client_cert_cb\|(3), \fBSSL_CTX_load_verify_locations\|(3) \fBSSL_CTX_set0_chain\|(3) \fBSSL_CTX_set1_chain\|(3) \fBSSL_CTX_add0_chain_cert\|(3) \fBSSL_CTX_add1_chain_cert\|(3) \fBSSL_set0_chain\|(3) \fBSSL_set1_chain\|(3) \fBSSL_add0_chain_cert\|(3) \fBSSL_add1_chain_cert\|(3) \fBSSL_CTX_build_cert_chain\|(3) \fBSSL_build_cert_chain\|(3) Header "COPYRIGHT" Copyright 2000-2018 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the \*(L"License\*(R"). You may not use this file except in compliance with the License. You can obtain a copy in the file \s-1LICENSE\s0 in the source distribution or at <https://www.openssl.org/source/license.html>.