gnutls_x509_trust_list_verify_named_crt — API function


#include <gnutls/x509.h>

int gnutls_x509_trust_list_verify_named_crt(gnutls_x509_trust_list_t list, gnutls_x509_crt_t cert, const void * name, size_t name_size, unsigned int flags, unsigned int * voutput, gnutls_verify_output_function func);


gnutls_x509_trust_list_t list

The list

gnutls_x509_crt_t cert

is the certificate to be verified

const void * name

is the certificate's name

size_t name_size

is the certificate's name size

unsigned int flags

Flags that may be used to change the verification algorithm. Use OR of the gnutls_certificate_verify_flags enumerations.

unsigned int * voutput

will hold the certificate verification output.

gnutls_verify_output_function func

If non-null will be called on each chain element verification with the output.


This function will try to find a certificate that is associated with the provided name --see gnutls_x509_trust_list_add_named_crt(). If a match is found the certificate is considered valid. In addition to that this function will also  check CRLs. The  voutput parameter will hold an OR'ed sequence of  gnutls_certificate_status_t flags.

Additionally a certificate verification profile can be specified from the ones in gnutls_certificate_verification_profiles_t by ORing the result of GNUTLS_PROFILE_TO_VFLAGS() to the verification flags.


On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error value.



Reporting Bugs

Report bugs to <>.
Home page:

See Also

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit


3.6.9 gnutls