Clarify documentation of ssl_set_own_cert()

fixes #507
This commit is contained in:
Manuel Pégourié-Gonnard 2018-10-25 13:24:21 +02:00
parent c774e32939
commit d8e3a1ef66
2 changed files with 10 additions and 0 deletions

View file

@ -2043,6 +2043,14 @@ void mbedtls_ssl_conf_ca_chain( mbedtls_ssl_config *conf,
* whether it matches those preferences - the server can then
* decide what it wants to do with it.
*
* \note The provided \p pk_key needs to match the public key in the
* first certificate in \p own_cert, or all handshakes using
* that certificate will fail. It is your responsibility
* to ensure that; this function will not perform any check.
* You may use mbedtls_pk_check_pair() in order to perform
* this check yourself, but be aware that this function can
* be computationally expensive on some key types.
*
* \param conf SSL configuration
* \param own_cert own public certificate chain
* \param pk_key own private key