Legend:
Library
Module
Module type
Parameter
Class
Class type
Library
Module
Module type
Parameter
Class
Class type
val sexp_of_t : t -> Ppx_sexp_conv_lib.Sexp.t
Initialize a new SSL context, out of which all SSL connections are allocated.
Set options on the SSL context, see Opt
for available options. Currently used for disabling protocol versions.
val load_verify_locations :
?ca_file:string ->
?ca_path:string ->
t ->
unit Core.Or_error.t Async.Deferred.t
Specifies the locations for the context, at which CA certificates for verification purposes are located. The certificates available via ca_file
and ca_path
are trusted.
If ca_file
is not None
, it points to a file of CA certificates in PEM format. It may have more than one certificate.
If ca_path
is not None
, it points to a directory containing CA certificates in PEM format. The files each contain one CA certificate. The certificates in ca_path
are only looked up lazily, not eagarly.
Prepare the directory /some/where/certs
containing several CA certificates for use as ca_path
:
{
cd /some/where/certs
c_rehash .
}
If both ca_file
and ca_path
are specified, the certificates in ca_file
will be searched before the certificates in ca_path
.
If this function is not used, set_default_verify_paths
should be called to use OpenSSL's compiled-in defaults.
val set_default_verify_paths : t -> unit
Tell OpenSSL to use its compiled-in defaults for locating CA certificates for verification purposes. This should be called if load_verify_locations
is not used.
val set_session_id_context : t -> string -> unit
Set context within which session can be reused, e.g. the name of the application and/or the hostname and/or service name, etc. Server side only.
https://www.openssl.org/docs/manmaster/ssl/SSL_CTX_set_session_id_context.html