Function

SecTrustSetNetworkFetchAllowed

Specifies whether a trust evaluation is permitted to fetch missing intermediate certificates from the network.

Declaration

OSStatus SecTrustSetNetworkFetchAllowed(SecTrustRef trust, Boolean allowFetch);

Parameters

trust

The trust evaluation object to modify.

allowFetch

If true, and a certificate's issuer is not present in the trust reference but its network location is known, the evaluation is permitted to attempt to download it automatically. Pass false to disable network fetch for this trust evaluation.

Return Value

Discussion

By default, network fetch of missing certificates is enabled if the trust evaluation includes the SSL policy. Otherwise it is disabled.

See Also

Advanced Trust Configuation

Configuring a Trust

Work around a recoverable trust failure.

SecTrustSetVerifyDate

Sets the date and time against which the certificates in a trust management object are verified.

SecTrustSetAnchorCertificates

Sets the anchor certificates used when evaluating a trust management object.

SecTrustSetAnchorCertificatesOnly

Reenables trusting built-in anchor certificates.

SecTrustSetExceptions

Sets a list of exceptions that should be ignored when the certificate is evaluated.

SecTrustSetPolicies

Sets the policies to use in an evaluation.

SecTrustSetOptions

Sets option flags for customizing evaluation of a trust object.

SecTrustOptionFlags

The option flags used to condition a trust evaluation.

SecTrustGetNetworkFetchAllowed

Indicates whether a trust evaluation is permitted to fetch missing intermediate certificates from the network.

SecTrustSetOCSPResponse

Attaches Online Certificate Status Protocol (OSCP) response data to a trust object.

SecTrustSetSignedCertificateTimestamps

Attaches signed certificate timestamp data to a trust object.