nn::ssl::Connection::SetServerCertStore Member Functionnn::Result SetServerCertStore( CertStore & certStore );
| Name | Description | |
|---|---|---|
| in | certStore | Certificate store to set. |
Result values listed below. | Value | Description |
|---|---|
ResultSuccess |
Process was successful. |
| ResultIpcSessionErr | Error indicating an uninitialized connection. The function has not done anything as it has been called on a Connection instance for which you have not yet successfully called Initialize. |
| ResultNotInitializedErr | Error indicating that the library is not initialized. None of the functions in this library can be run without first running nn::ssl::Initialize. |
| A value other than the above. | Unexpected error (see ssl_Result.h for error details). |
Sets the certificate store to use in SSL communication. This API function is provided to allow API users to set their own certificate stores.
The certificate that is set using this function is recognized as a trusted certificate. If a CA certificate is set, the CA of the certificate that was configured is registered as a candidate for successful verification during root CA verification of the certificate chain sent from the server. (In other words, root CA verification will succeed for any CAs that are set by the the root CA.)
If a server certificate is set, the certificate verification will succeed if the certificate in question corresponds with the certificate sent from the server. Note: If a server certificate is set, no verification will be done on the content of the server certificate. This is because verification will succeed as long as the data of the certificate path matches. (For example, even if you were to specify the nn::ssl::VERIFY_DATE option, as long as the data matches, the expiration wouldn't be checked.)
If a CA certificate is set, all certificates within the certificate chain sent from the server except the CA certificate will have their content verified. (For example, if the nn::ssl::VERIFY_DATE option is specified, the expiration dates of the certificates will be verified based on the time of the device's clock.)
CONFIDENTIAL