Function

SSLSetCertificateAuthorities

Adds one or more certificates to a server's list of certification authorities (CAs) acceptable for client authentication.

Declaration

OSStatus SSLSetCertificateAuthorities(SSLContextRef context, CFTypeRef certificateOrArray, Boolean replaceExisting);

Parameters

context

An SSL session context reference.

certificateOrArray

A value of type SecCertificateRef, or a value of type CFArray containing an array of SecCertificateRef values, representing one or more certificates to be added to the server’s list of acceptable certification authorities (CAs).

replaceExisting

A Boolean value specifying whether to replace or append the current set of certification authorities. If this value is true, the specified certificates replace the existing list of acceptable CAs, if any. If false, the specified certificates are appended to the existing list of.

Return Value

A result code. See Secure Transport Result Codes. Returns errSecParam if this function is called for a session that is configured as a client, or when a session is active.

Discussion

Each successive call to this function with the replaceExisting parameter set to NO results in accumulation of additional certification authorities. To see the current set of certification authorities, call the SSLCopyCertificateAuthorities function.

See Also

Root Certificates

SSLCopyCertificateAuthorities

Retrieves the current list of certification authorities.

Deprecated