blob: fb5e581fd67f76b46a68ec6cd5706135b4318db3 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
|
=pod
=head1 NAME
ct - Certificate Transparency
=head1 SYNOPSIS
#include <openssl/ct.h>
=head1 DESCRIPTION
This library implements Certificate Transparency (CT) verification for TLS
clients, as defined in RFC 6962. This verification can provide some confidence
that a certificate has been publicly logged in a set of CT logs.
By default, these checks are disabled. They can be enabled using
B<SSL_CTX_ct_enable>() or B<SSL_ct_enable>().
This library can also be used to parse and examine CT data structures, such as
Signed Certificate Timestamps (SCTs), or to read a list of CT logs. There are
functions for:
- decoding and encoding SCTs in DER and TLS wire format.
- printing SCTs.
- verifying the authenticity of SCTs.
- loading a CT log list from a CONF file.
=head1 SEE ALSO
L<d2i_SCT_LIST(3)>,
L<CTLOG_STORE_new(3)>,
L<CTLOG_STORE_get0_log_by_id(3),
L<SCT_new(3)>,
L<SCT_print(3)>,
L<SCT_verify(3)>,
L<SCT_validate(3)>,
L<CT_POLICY_EVAL_CTX(3)>,
L<SSL_CTX_set_ct_validation_callback(3)>
=cut
|
