SYNOPSIS
- ok, err, errcode = ssl:loadCertData(data)
- ok, err, errcode = ssl:loadCertFile(filename)
- info = ssl:getCertInfo()
DESCRIPTION
The local certificate is the identification of this machine. During connection, it is presented to the peer. The peer can then decide whether to accept or reject the connection.
The certificate data is public and does not need to be kept secret.
The system can load a certificate in X509 PEM or BER format.
A local certificate goes together with a local RSA key pair, whose private key does need to be kept secret; see ssl:loadKeyFile().
Loading a local certificate is completely optional. If no certificate is loaded, then none will be presented to the peer on a connection attempt. It is up to the peer to reject connections that lack a proper certificate.
For web applications, typically only servers use a local certificate and private key.
The function ssl:loadCertData() loads the certificate from the data passed in a string variable.
The second function, ssl:loadCertFile(), instead loads the certificate directly from a file.
The query function ssl:getCertInfo() returns some basic information about the certificate.
RETURN VALUE
The loading functions ssl:loadCertData() and ssl:loadCertFile() return true on success.
In case of an error they return three values: nil, a string describing the error and a negative error code from the underlying mbed TLS implementation.
The info function ssl:getCertInfo() returns a table with the following key/value pairs:
Key | Description |
valid_from | The earliest date that the certificate is valid |
valid_to | The latest date that the certificate is valid |
serial | The serial number of the certificate |
issuer | Information about the certificate issuer, see below |
subject | Information about the certificate subject, see below |
The fields issuer and subject are nested tables with more information. The following fields may be present in the certificate. A nested table only contains an entry if data of that kind is actually present. It may contain additional items if the certificate has further data; these extra items are listed with their hexadecimal tag code.
Field | Meaning |
CN | Common Name |
O | Organization |
OU | Organizational Unit |
L | Location |
S | State/Province |
C | Country |
R | Email address |
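The following added example (not code from the project) shows one way to handle the three-value error return of ssl:loadCertFile() and to summarise the nested issuer and subject tables from ssl:getCertInfo(), including extra items. The helpers format_name and load_local_cert, the stand-in object fake, and all sample values are assumptions made for illustration; the page does not specify the date or serial format, so they are passed through untouched.

```lua
-- Added example. `ssl` is any object exposing the functions documented above.
local KNOWN = { "CN", "O", "OU", "L", "S", "C", "R" }

-- Render an issuer/subject table: known fields first, then any extra items
-- (keyed by hexadecimal tag code) in sorted order. Absent fields are skipped.
local function format_name(name)
  local parts, seen, extras = {}, {}, {}
  for _, key in ipairs(KNOWN) do
    seen[key] = true
    if name[key] ~= nil then parts[#parts + 1] = key .. "=" .. tostring(name[key]) end
  end
  for key in pairs(name) do
    if not seen[key] then extras[#extras + 1] = key end
  end
  table.sort(extras, function(a, b) return tostring(a) < tostring(b) end)
  for _, key in ipairs(extras) do
    parts[#parts + 1] = tostring(key) .. "=" .. tostring(name[key])
  end
  return table.concat(parts, ", ")
end

-- Load the certificate and summarise it. On failure, pass the documented
-- (nil, message, negative mbed TLS code) triple through unchanged.
local function load_local_cert(ssl, filename)
  local ok, err, errcode = ssl:loadCertFile(filename)
  if not ok then return nil, err, errcode end
  local info = ssl:getCertInfo()
  local subject, issuer = format_name(info.subject or {}), format_name(info.issuer or {})
  return { subject = subject, issuer = issuer, serial = info.serial,
           valid_from = info.valid_from, valid_to = info.valid_to,
           self_issued = (subject == issuer) }  -- issuer name equals subject name
end

-- Constructed stand-in so the example runs offline. The date strings, serial,
-- the "2A" extra key and the -1 error code are invented sample values.
local fake = {}
function fake:loadCertFile(filename)
  if filename ~= "server.pem" then return nil, "cannot open file", -1 end
  return true
end
function fake:getCertInfo()
  local name = { CN = "www.example.test", O = "Example Org", C = "XX", ["2A"] = "extra" }
  return { valid_from = "2024-01-01", valid_to = "2025-01-01", serial = "01",
           issuer = name, subject = name }
end

local cert = assert(load_local_cert(fake, "server.pem"))
print(cert.subject, cert.valid_to, cert.self_issued)
print(load_local_cert(fake, "missing.pem"))
```

Logging the summary at start-up makes it easy to spot a server that is about to present the wrong or a self-issued certificate before any peer connects.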