Hi, I'm playing around with client-side certificates[1] and saw that the manpage of tls_init.3 recommend to uses the functions: tls_config_set_ca_{file,path,mem} only in client context.
But to check client-side certificates its also useful in server context. bye, Jan [1]: https://github.com/younix/ucspi/blob/master/tests.mk Index: tls_init.3 =================================================================== RCS file: /cvs/src/lib/libtls/tls_init.3,v retrieving revision 1.53 diff -u -p -r1.53 tls_init.3 --- tls_init.3 16 Oct 2015 13:49:53 -0000 1.53 +++ tls_init.3 5 Nov 2015 12:48:17 -0000 @@ -289,16 +289,16 @@ Configuration options may apply to only .Fn tls_config_set_ca_file sets the filename used to load a file containing the root certificates. -.Em (Client) +.Em (Client and Server) .It .Fn tls_config_set_ca_path sets the path (directory) which should be searched for root certificates. -.Em (Client) +.Em (Client and Server) .It .Fn tls_config_set_ca_mem sets the root certificates directly from memory. -.Em (Client) +.Em (Client and Server) .It .Fn tls_config_set_cert_file sets file from which the public certificate will be read.