#include <TlsOptions.h>
◆ TlsContextOptions() [1/3]
Aws::Crt::Io::TlsContextOptions::TlsContextOptions() noexcept
◆ ~TlsContextOptions()
virtual Aws::Crt::Io::TlsContextOptions::~TlsContextOptions()
◆ TlsContextOptions() [2/3]
◆ TlsContextOptions() [3/3]
◆ InitClientWithMtls() [1/2]
Initializes TlsContextOptions with secure-by-default options, plus a client certificate and private key. The certificate and key are passed as in-memory buffers, which must be in PEM format.
- Parameters
  - cert: Certificate contents in memory.
  - pkey: Private key contents in memory.
◆ InitClientWithMtls() [2/2]
Initializes TlsContextOptions with secure-by-default options, plus a client certificate and private key. The certificate and key are passed as paths to files on disk, which must be in PEM format.
- Parameters
  - cert_path: Path to certificate file.
  - pkey_path: Path to private key file.
◆ InitDefaultClient()
Initializes TlsContextOptions with secure-by-default options and no client certificates.
◆ IsAlpnSupported()
static bool Aws::Crt::Io::TlsContextOptions::IsAlpnSupported() noexcept
- Returns
- true if ALPN is supported by the underlying security provider, false otherwise.
◆ LastError()
int Aws::Crt::Io::TlsContextOptions::LastError() const noexcept
- Returns
- the value of the last AWS error encountered by operations on this instance.
◆ operator bool()
inline explicit Aws::Crt::Io::TlsContextOptions::operator bool() const noexcept
- Returns
- true if the instance is in a valid state, false otherwise.
◆ operator=() [1/2]
◆ operator=() [2/2]
◆ OverrideDefaultTrustStore() [1/2]
bool Aws::Crt::Io::TlsContextOptions::OverrideDefaultTrustStore(const ByteCursor &ca) noexcept
Overrides the default system trust store.
- Parameters
  - ca: PEM armored chain of trusted CA certificates.
◆ OverrideDefaultTrustStore() [2/2]
bool Aws::Crt::Io::TlsContextOptions::OverrideDefaultTrustStore(const char *caPath, const char *caFile) noexcept
Overrides the default system trust store.
- Parameters
  - caPath: Path to a directory containing trusted certificates, which will override the default trust store. Only useful on Unix-style systems where all anchors are stored in a directory (like /etc/ssl/certs). This string must remain in memory for the lifetime of this object.
  - caFile: Path to a file containing a PEM armored chain of trusted CA certificates. This string must remain in memory for the lifetime of this object.
◆ SetAlpnList()
bool Aws::Crt::Io::TlsContextOptions::SetAlpnList(const char *alpnList) noexcept
Sets the list of ALPN protocols.
- Parameters
  - alpnList: List of protocol names, delimited by ';'. This string must remain in memory for the lifetime of this object.
◆ SetMinimumTlsVersion()
void Aws::Crt::Io::TlsContextOptions::SetMinimumTlsVersion(aws_tls_versions minimumTlsVersion)
Sets the minimum TLS version allowed.
- Parameters
  - minimumTlsVersion: The minimum TLS version.
◆ SetVerifyPeer()
void Aws::Crt::Io::TlsContextOptions::SetVerifyPeer(bool verifyPeer) noexcept
In client mode, setting this to false turns off X.509 validation. Don't do this unless you're testing. It's much better to override the default trust store and pass the self-signed certificate as the caFile argument.
In server mode, this defaults to false. If you want to support mutual TLS from the server, you'll want to set this to true.
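InitClientWithMtls() and OverrideDefaultTrustStore() both take PEM input, and a private key pasted into the CA bundle or a certificate passed as pkey is an easy mix-up. The pre-flight check below is an added example, not part of aws-crt-cpp: PemRole, PemLabels and PemFitsRole are hypothetical names, it inspects PEM block labels only (no base64 or X.509 parsing), and the sample PEM text is constructed.

```cpp
#include <iostream>
#include <string>
#include <vector>

// Added example, not aws-crt-cpp code; PemRole, PemLabels, PemFitsRole are hypothetical names.
enum class PemRole { Certificates, PrivateKey };

// Collects the label of every PEM block in `text`. Returns false when a BEGIN
// line has no matching END line or a second BEGIN appears before that END.
bool PemLabels(const std::string &text, std::vector<std::string> &labels) {
    const std::string begin = "-----BEGIN ", end = "-----END ", dashes = "-----";
    std::size_t pos = 0;
    while ((pos = text.find(begin, pos)) != std::string::npos) {
        const std::size_t labelStart = pos + begin.size();
        const std::size_t labelEnd = text.find(dashes, labelStart);
        if (labelEnd == std::string::npos) return false;
        const std::string label = text.substr(labelStart, labelEnd - labelStart);
        if (label.empty() || label.find('\n') != std::string::npos) return false;
        const std::string footer = end + label + dashes;
        const std::size_t bodyStart = labelEnd + dashes.size();
        const std::size_t footerPos = text.find(footer, bodyStart);
        if (footerPos == std::string::npos || text.find(begin, bodyStart) < footerPos) return false;
        labels.push_back(label);
        pos = footerPos + footer.size();
    }
    return true;
}

// True when `pem` holds only certificates (at least one, no key) or exactly one private key.
bool PemFitsRole(const std::string &pem, PemRole role) {
    std::vector<std::string> labels;
    if (!PemLabels(pem, labels)) return false;
    const std::string suffix = "PRIVATE KEY";
    std::size_t certs = 0, keys = 0;
    for (const std::string &label : labels) {
        const bool isKey = label.size() >= suffix.size() &&
            label.compare(label.size() - suffix.size(), suffix.size(), suffix) == 0;
        if (label == "CERTIFICATE") ++certs;
        else if (isKey) ++keys;
        else if (label != "EC PARAMETERS") return false;  // may precede an EC key from openssl
    }
    return role == PemRole::PrivateKey ? (keys == 1 && certs == 0) : (certs >= 1 && keys == 0);
}

int main() {
    // Constructed sample: key material pasted where a CA bundle belongs.
    const std::string key = "-----BEGIN PRIVATE KEY-----\nAAAA\n-----END PRIVATE KEY-----\n";
    std::cout << "fits trust store: " << PemFitsRole(key, PemRole::Certificates) << "\n";
}
```

Run the check on the buffer or file contents before they reach TlsContextOptions, and refuse to start rather than falling back to SetVerifyPeer(false) when the CA bundle fails it.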
◆ TlsContext