-*- mode: troff; coding: utf-8 -*-
Automatically generated by Pod::Man 5.0102 (Pod::Simple 3.45)

Standard preamble:
========================================================================
..

..

.. \*(C` and \*(C' are quotes in nroff, nothing in troff, for use with C<>.
. ds C` "" . ds C' "" 'br\} . ds C` . ds C' 'br\}
Escape single quotes in literal strings from groff's Unicode transform.

If the F register is >0, we'll generate index entries on stderr for
titles (.TH), headers (.SH), subsections (.SS), items (.Ip), and index
entries marked with X<> in POD. Of course, you'll have to process the
output yourself in some meaningful fashion.

Avoid warning from groff about undefined register 'F'.
.. .nr rF 0 . if \nF \{\ . de IX . tm Index:\\$1\t\\n%\t"\\$2" .. . if !\nF==2 \{\ . nr % 0 . nr F 2 . \} . \} .\} .rr rF ========================================================================

Title "X509V3_SET_CTX 3ossl" For nroff, turn off justification. Always turn off hyphenation; it makes
way too many mistakes in technical documents.
X509V3_set_ctx, X509V3_set_issuer_pkey - X.509 v3 extension generation utilities Header "SYNOPSIS" .Vb 1 #include <openssl/x509v3.h> \& void X509V3_set_ctx(X509V3_CTX *ctx, X509 *issuer, X509 *subject, X509_REQ *req, X509_CRL *crl, int flags); int X509V3_set_issuer_pkey(X509V3_CTX *ctx, EVP_PKEY *pkey); .Ve Header "DESCRIPTION" \fBX509V3_set_ctx() fills in the basic fields of ctx of type X509V3_CTX, providing details potentially needed by functions producing X509 v3 extensions. These may make use of fields of the certificate subject, the certification request req, or the certificate revocation list crl. At most one of these three parameters can be non-NULL. When constructing the subject key identifier of a certificate by computing a hash value of its public key, the public key is taken from subject or req. Similarly, when constructing subject alternative names from any email addresses contained in a subject DN, the subject DN is taken from subject or req. If subject or crl is provided, issuer should point to its issuer, for instance as a reference for generating the authority key identifier extension. \fIissuer may be the same pointer value as subject (which usually is an indication that the subject certificate is self-issued or even self-signed). In this case the fallback source for generating the authority key identifier extension will be taken from any value provided using X509V3_set_issuer_pkey(). \fIflags may be 0 or contain X509V3_CTX_TEST, which means that just the syntax of extension definitions is to be checked without actually producing any extension, or X509V3_CTX_REPLACE, which means that each X.509v3 extension added as defined in some configuration section shall replace any already existing extension with the same OID.

\fBX509V3_set_issuer_pkey() explicitly sets the issuer private key of the subject certificate that has been provided in ctx. This should be done in case the issuer and subject arguments to \fBX509V3_set_ctx() have the same pointer value to provide fallback data for the authority key identifier extension.

Header "RETURN VALUES" \fBX509V3_set_issuer_pkey() returns 1 on success and 0 on error. Header "SEE ALSO" \fBX509_add_ext\|(3) Header "HISTORY" \fBX509V3_set_issuer_pkey() was added in OpenSSL 3.0.

CTX_TEST was deprecated in OpenSSL 3.0; use X509V3_CTX_TEST instead.

Header "COPYRIGHT" Copyright 2015-2025 The OpenSSL Project Authors. All Rights Reserved.

Licensed under the Apache License 2.0 (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.