SSLContext¶
An SSL context is used to create SSL sessions.
Constructors¶
create¶
Create an SSL context.
Returns¶
- SSLContext ref^
Public Functions¶
client¶
Create a client-side SSL session. If a hostname is supplied, the server side certificate must be valid for that hostname.
Parameters¶
- hostname: String val = ""
Returns¶
- SSL iso^ ?
server¶
Create a server-side SSL session.
Returns¶
- SSL iso^ ?
set_cert¶
The cert file is a PEM certificate chain. The key file is a private key. Servers must set this. For clients, it is optional.
Parameters¶
Returns¶
- None val ?
set_authority¶
Use a PEM file and/or a directory of PEM files to specify certificate authorities. Clients must set this. For servers, it is optional. Use None to indicate no file or no path. Raises an error if these verify locations aren't valid.
If both file
and path
are None
, on Windows this method loads the
system root certificates. On Posix it raises an error.
fun ref set_authority(
file: (FilePath val | None val),
path: (FilePath val | None val) = reference)
: None val ?
Parameters¶
Returns¶
- None val ?
set_ciphers¶
Set the accepted ciphers. This replaces the existing list. Raises an error if the cipher list is invalid.
Parameters¶
- ciphers: String val
Returns¶
- None val ?
set_client_verify¶
Set to true to require verification. Defaults to true.
Parameters¶
- state: Bool val
Returns¶
- None val
set_server_verify¶
Set to true to require verification. Defaults to false.
Parameters¶
- state: Bool val
Returns¶
- None val
set_verify_depth¶
Set the verify depth. Defaults to 6.
Parameters¶
- depth: U32 val
Returns¶
- None val
set_min_proto_version¶
Set minimum protocol version. Set to SslAutoVersion, 0, to automatically manage lowest version.
Supported versions: Ssl3Version, Tls1Version, Tls1u1Version, Tls1u2Version, Tls1u3Version, Dtls1Version, Dtls1u2Version
Parameters¶
- version: ULong val
Returns¶
- None val ?
get_min_proto_version¶
Get minimum protocol version. Returns SslAutoVersion, 0, when automatically managing lowest version.
Supported versions: Ssl3Version, Tls1Version, Tls1u1Version, Tls1u2Version, Tls1u3Version, Dtls1Version, Dtls1u2Version
Returns¶
- ILong val
set_max_proto_version¶
Set maximum protocol version. Set to SslAutoVersion, 0, to automatically manage higest version.
Supported versions: Ssl3Version, Tls1Version, Tls1u1Version, Tls1u2Version, Tls1u3Version, Dtls1Version, Dtls1u2Version
Parameters¶
- version: ULong val
Returns¶
- None val ?
get_max_proto_version¶
Get maximum protocol version. Returns SslAutoVersion, 0, when automatically managing highest version.
Supported versions: Ssl3Version, Tls1Version, Tls1u1Version, Tls1u2Version, Tls1u3Version, Dtls1Version, Dtls1u2Version
Returns¶
- ILong val
alpn_set_resolver¶
Use resolver
to choose the protocol to be selected for incomming connections.
Returns true on success Requires OpenSSL >= 1.0.2
Parameters¶
- resolver: ALPNProtocolResolver box
Returns¶
- Bool val
alpn_set_client_protocols¶
Configures the SSLContext to advertise the protocol names defined in protocols
when connecting to a server
protocol names must have a size of 1 to 255
Returns true on success Requires OpenSSL >= 1.0.2
Parameters¶
Returns¶
- Bool val
allow_tls_v1¶
Allow TLS v1. Defaults to false. Deprecated: use set_min_proto_version and set_max_proto_version
Parameters¶
- state: Bool val
Returns¶
- None val
allow_tls_v1_1¶
Allow TLS v1.1. Defaults to false. Deprecated: use set_min_proto_version and set_max_proto_version
Parameters¶
- state: Bool val
Returns¶
- None val
allow_tls_v1_2¶
Allow TLS v1.2. Defaults to true. Deprecated: use set_min_proto_version and set_max_proto_version
Parameters¶
- state: Bool val
Returns¶
- None val
dispose¶
Free the SSL context.
Returns¶
- None val