FreeBSD manual
download PDF document: X509_add_certs.3.pdf
X509_ADD_CERT(3ossl) OpenSSL X509_ADD_CERT(3ossl)
NAME
X509_add_cert, X509_add_certs - X509 certificate list addition
functions
SYNOPSIS
#include <openssl/x509.h>
int X509_add_cert(STACK_OF(X509) *sk, X509 *cert, int flags);
int X509_add_certs(STACK_OF(X509) *sk, STACK_OF(X509) *certs, int flags);
DESCRIPTION
X509_add_cert() adds a certificate cert to the given list sk.
X509_add_certs() adds a list of certificate certs to the given list sk.
The certs argument may be NULL, which implies no effect. It does not
modify the list certs but in case the X509_ADD_FLAG_UP_REF flag
(described below) is set the reference counters of those of its members
added to sk are increased.
Both these functions have a flags parameter, which is used to control
details of the operation.
The value X509_ADD_FLAG_DEFAULT, which equals 0, means no special
semantics.
If X509_ADD_FLAG_UP_REF is set then the reference counts of those
certificates added successfully are increased.
If X509_ADD_FLAG_PREPEND is set then the certificates are prepended to
sk. By default they are appended to sk. In both cases the original
order of the added certificates is preserved.
If X509_ADD_FLAG_NO_DUP is set then certificates already contained in
sk, which is determined using X509_cmp(3), are ignored.
If X509_ADD_FLAG_NO_SS is set then certificates that are marked self-
signed, which is determined using X509_self_signed(3), are ignored.
RETURN VALUES
Both functions return 1 for success and 0 for failure.
NOTES
If X509_add_certs() is used with the flags X509_ADD_FLAG_NO_DUP or
X509_ADD_FLAG_NO_SS it is advisable to use also X509_ADD_FLAG_UP_REF
because otherwise likely not for all members of the certs list the
ownership is transferred to the list of certificates sk.
Care should also be taken in case the certs argument equals sk.
SEE ALSO
X509_cmp(3) X509_self_signed(3)
HISTORY
The functions X509_add_cert() and X509_add_certs() were added in
OpenSSL 3.0.
3.0.11 2023-09-19 X509_ADD_CERT(3ossl)