DragonFly On-Line Manual Pages
gnutls_x509_crt_sign2(3) gnutls gnutls_x509_crt_sign2(3)
gnutls_x509_crt_sign2 - API function
int gnutls_x509_crt_sign2(gnutls_x509_crt_t crt, gnutls_x509_crt_t
issuer, gnutls_x509_privkey_t issuer_key, gnutls_digest_algorithm_t
dig, unsigned int flags);
a certificate of type gnutls_x509_crt_t
is the certificate of the certificate issuer
holds the issuer's private key
The message digest to use, GNUTLS_DIG_SHA256 is a safe
unsigned int flags
must be 0
This function will sign the certificate with the issuer's private key,
and will copy the issuer's information into the certificate.
This must be the last step in a certificate generation since all the
previously set parameters are now signed.
A known limitation of this function is, that a newly-signed certificate
will not be fully functional (e.g., for signature verification), until
it is exported an re-imported.
After GnuTLS 3.6.1 the value of dig may be GNUTLS_DIG_UNKNOWN, and in
that case, a suitable but reasonable for the key algorithm will be
On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative
Report bugs to <firstname.lastname@example.org>.
Home page: https://www.gnutls.org
Copyright (C) 2001-2020 Free Software Foundation, Inc., and others.
Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
notice and this notice are preserved.
The full documentation for gnutls is maintained as a Texinfo manual.
If the /usr/local/share/doc/gnutls/ directory does not contain the HTML
gnutls 3.6.12 gnutls_x509_crt_sign2(3)