Function

SecTrustSetOCSPResponse(_:_:)

Attaches Online Certificate Status Protocol (OSCP) response data to a trust object.

Declaration

func SecTrustSetOCSPResponse(_ trust: SecTrust, _ responseData: CFTypeRef?) -> OSStatus

Parameters

trust

The trust evaluation object to modify.

responseData

Either a CFData object containing a single DER-encoded OCSPResponse (per RFC2560), or a CFArray of these.

Return Value

Discussion

This function allows the caller to provide OCSPResponse data (which may be obtained during a TLS/SSL handshake, per RFC3546) as input to a trust evaluation. If this data is available, it can obviate the need to contact an OCSP server for current revocation information.

See Also

Advanced Trust Configuation

Configuring a Trust

Work around a recoverable trust failure.

func SecTrustSetVerifyDate(SecTrust, CFDate) -> OSStatus

Sets the date and time against which the certificates in a trust management object are verified.

func SecTrustSetAnchorCertificates(SecTrust, CFArray?) -> OSStatus

Sets the anchor certificates used when evaluating a trust management object.

func SecTrustSetAnchorCertificatesOnly(SecTrust, Bool) -> OSStatus

Reenables trusting built-in anchor certificates.

func SecTrustSetExceptions(SecTrust, CFData?) -> Bool

Sets a list of exceptions that should be ignored when the certificate is evaluated.

func SecTrustSetPolicies(SecTrust, CFTypeRef) -> OSStatus

Sets the policies to use in an evaluation.

func SecTrustSetOptions(SecTrust, SecTrustOptionFlags) -> OSStatus

Sets option flags for customizing evaluation of a trust object.

struct SecTrustOptionFlags

The option flags used to condition a trust evaluation.

func SecTrustGetNetworkFetchAllowed(SecTrust, UnsafeMutablePointer<DarwinBoolean>) -> OSStatus

Indicates whether a trust evaluation is permitted to fetch missing intermediate certificates from the network.

func SecTrustSetNetworkFetchAllowed(SecTrust, Bool) -> OSStatus

Specifies whether a trust evaluation is permitted to fetch missing intermediate certificates from the network.

func SecTrustSetSignedCertificateTimestamps(SecTrust, CFArray?) -> OSStatus

Attaches signed certificate timestamp data to a trust object.