gnutls_certificate_get_ocsp_expiration — API function

Synopsis

#include <gnutls/gnutls.h>

time_t gnutls_certificate_get_ocsp_expiration(gnutls_certificate_credentials_t sc, unsigned idx, int oidx, unsigned flags);

Arguments

gnutls_certificate_credentials_t sc

is a credentials structure.

unsigned idx

is a certificate chain index as returned by gnutls_certificate_set_key() and friends

int oidx

is an OCSP response index

unsigned flags

should be zero

Description

This function returns the validity of the loaded OCSP responses, to provide information on when to reload/refresh them.

Note that the credentials structure should be read-only when in use, thus when reloading, either the credentials structure must not be in use by any sessions, or a new credentials structure should be allocated for new sessions.

When  oidx is (-1) then the minimum refresh time for all responses is returned. Otherwise the index specifies the response corresponding to the  odix certificate in the certificate chain.

Returns

On success, the expiration time of the OCSP response. Otherwise (time_t)(-1) on error, or (time_t)-2 on out of bounds.

Since

3.6.3

Reporting Bugs

Report bugs to <bugs@gnutls.org>.
Home page: https://www.gnutls.org

See Also

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit

https://www.gnutls.org/manual/

Info

3.6.9 gnutls