gnutls_x509_trust_list_add_trust_file — API function


#include <gnutls/x509.h>

int gnutls_x509_trust_list_add_trust_file(gnutls_x509_trust_list_t list, const char * ca_file, const char * crl_file, gnutls_x509_crt_fmt_t type, unsigned int tl_flags, unsigned int tl_vflags);


gnutls_x509_trust_list_t list

The list

const char * ca_file

A file containing a list of CAs (optional)

const char * crl_file

A file containing a list of CRLs (optional)

gnutls_x509_crt_fmt_t type

The format of the certificates

unsigned int tl_flags

flags from gnutls_trust_list_flags_t

unsigned int tl_vflags

gnutls_certificate_verify_flags if flags specifies GNUTLS_TL_VERIFY_CRL


This function will add the given certificate authorities to the trusted list. PKCS 11 URLs are also accepted, instead of files, by this function. A PKCS 11 URL implies a trust database (a specially marked module in p11-kit); the URL "pkcs11:" implies all trust databases in the system. Only a single URL specifying trust databases can be set; they cannot be stacked with multiple calls.


The number of added elements is returned.



Reporting Bugs

Report bugs to <>.
Home page:

See Also

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit


3.6.9 gnutls