Utilities for working with certificates and keys. More...

#include <qgsauthcertutils.h>

Public Types
enum	CaCertSource { SystemRoot = 0 , FromFile = 1 , InDatabase = 2 , Connection = 3 }
	Type of CA certificate source. More...

enum	CertTrustPolicy { DefaultTrust = 0 , Trusted = 1 , Untrusted = 2 , NoPolicy = 3 }
	Type of certificate trust policy. More...

enum	CertUsageType { UndeterminedUsage = 0 , AnyOrUnspecifiedUsage , CertAuthorityUsage , CertIssuerUsage , TlsServerUsage , TlsServerEvUsage , TlsClientUsage , CodeSigningUsage , EmailProtectionUsage , TimeStampingUsage , CRLSigningUsage }
	Type of certificate usage. More...

enum	ConstraintGroup { KeyUsage = 0 , ExtendedKeyUsage = 1 }
	Type of certificate key group. More...

Static Public Member Functions
static QList< QSslCertificate >	casFromFile (const QString &certspath)
	Returns a list of concatenated CAs from a PEM or DER formatted file. More...

static QList< QSslCertificate >	casMerge (const QList< QSslCertificate > &bundle1, const QList< QSslCertificate > &bundle2)
	casMerge merges two certificate bundles in a single one removing duplicates, the certificates from the bundle2 are appended to bundle1 if not already there More...

static QList< QSslCertificate >	casRemoveSelfSigned (const QList< QSslCertificate > &caList)
	casRemoveSelfSigned remove self-signed CA certificates from caList More...

static QSslCertificate	certFromFile (const QString &certpath)
	Returns the first cert from a PEM or DER formatted file. More...

static bool	certificateIsAuthority (const QSslCertificate &cert)
	Gets whether a certificate is an Authority. More...

static bool	certificateIsAuthorityOrIssuer (const QSslCertificate &cert)
	Gets whether a certificate is an Authority or can at least sign other certificates. More...

static bool	certificateIsIssuer (const QSslCertificate &cert)
	Gets whether a certificate can sign other certificates. More...

static bool	certificateIsSslClient (const QSslCertificate &cert)
	Gets whether a certificate is probably used for a client identity. More...

static bool	certificateIsSslServer (const QSslCertificate &cert)
	Gets whether a certificate is probably used for a SSL server. More...

static QList< QgsAuthCertUtils::CertUsageType >	certificateUsageTypes (const QSslCertificate &cert)
	Try to determine the certificates usage types. More...

static QString	certificateUsageTypeString (QgsAuthCertUtils::CertUsageType usagetype)
	Certificate usage type strings per enum. More...

static bool	certIsCurrent (const QSslCertificate &cert)
	certIsCurrent checks if cert is viable for its not before and not after dates More...

static bool	certIsViable (const QSslCertificate &cert)
	certIsViable checks for viability errors of cert and whether it is NULL More...

static QStringList	certKeyBundleToPem (const QString &certpath, const QString &keypath, const QString &keypass=QString(), bool reencrypt=true)
	Returns list of certificate, private key and algorithm (as PEM text) from file path components. More...

static QList< QSslCertificate >	certsFromFile (const QString &certspath)
	Returns a list of concatenated certs from a PEM or DER formatted file. More...

static QList< QSslCertificate >	certsFromString (const QString &pemtext)
	Returns a list of concatenated certs from a PEM Base64 text block. More...

static QMap< QString, QList< QSslCertificate > >	certsGroupedByOrg (const QList< QSslCertificate > &certs)
	Map certificates to their oraganization. More...

static QByteArray	certsToPemText (const QList< QSslCertificate > &certs)
	certsToPemText dump a list of QSslCertificates to PEM text More...

static QList< QSslError >	certViabilityErrors (const QSslCertificate &cert)
	certViabilityErrors checks basic characteristics (validity dates, blocklisting, etc.) of given cert More...

static QByteArray	fileData (const QString &path)
	Returns data from a local file via a read-only operation. More...

static QString	getCaSourceName (QgsAuthCertUtils::CaCertSource source, bool single=false)
	Gets the general name for CA source enum type. More...

static QString	getCertDistinguishedName (const QSslCertificate &qcert, const QCA::Certificate &acert=QCA::Certificate(), bool issuer=false)
	Gets combined distinguished name for certificate. More...

static QString	getCertTrustName (QgsAuthCertUtils::CertTrustPolicy trust)
	Gets the general name for certificate trust. More...

static QString	getColonDelimited (const QString &txt)
	Gets string with colon delimiters every 2 characters. More...

static QString	getSslProtocolName (QSsl::SslProtocol protocol)
	SSL Protocol name strings per enum. More...

static QSslKey	keyFromFile (const QString &keypath, const QString &keypass=QString(), QString *algtype=nullptr)
	Returns non-encrypted key from a PEM or DER formatted file. More...

static QMap< QString, QSslCertificate >	mapDigestToCerts (const QList< QSslCertificate > &certs)
	Map certificate sha1 to certificate as simple cache. More...

static QMap< QString, QgsAuthConfigSslServer >	mapDigestToSslConfigs (const QList< QgsAuthConfigSslServer > &configs)
	Map SSL custom configs' certificate sha1 to custom config as simple cache. More...

static bool	pemIsPkcs8 (const QString &keyPemTxt)
	Determine if the PEM-encoded text of a key is PKCS#8 format. More...

static QString	pemTextToTempFile (const QString &name, const QByteArray &pemtext)
	Write a temporary file for a PEM text of cert/key/CAs bundle component. More...

static QList< QSslCertificate >	pkcs12BundleCas (const QString &bundlepath, const QString &bundlepass=QString())
	Returns list of CA certificates (as QSslCertificate) for a PKCS#12 bundle. More...

static QStringList	pkcs12BundleToPem (const QString &bundlepath, const QString &bundlepass=QString(), bool reencrypt=true)
	Returns list of certificate, private key and algorithm (as PEM text) for a PKCS#12 bundle. More...

static QCA::KeyBundle	qcaKeyBundle (const QString &path, const QString &pass)
	PKI key/cert bundle from file path, e.g. More...

static QString	qcaKnownConstraint (QCA::ConstraintTypeKnown constraint)
	Certificate well-known constraint strings per enum. More...

static QString	qcaSignatureAlgorithm (QCA::SignatureAlgorithm algorithm)
	Certificate signature algorithm strings per enum. More...

static QString	qcaValidityMessage (QCA::Validity validity)
	Certificate validity check messages per enum. More...

static QCA::CertificateCollection	qtCertsToQcaCollection (const QList< QSslCertificate > &certs)
	Convert a QList of QSslCertificate to a QCA::CertificateCollection. More...

static QCA::Certificate	qtCertToQcaCert (const QSslCertificate &cert)
	Convert a QSslCertificate to a QCA::Certificate. More...

static QString	resolvedCertName (const QSslCertificate &cert, bool issuer=false)
	Gets the general name via RFC 5280 resolution. More...

static QString	shaHexForCert (const QSslCertificate &cert, bool formatted=false)
	Gets the sha1 hash for certificate. More...

static QMap< QString, QList< QgsAuthConfigSslServer > >	sslConfigsGroupedByOrg (const QList< QgsAuthConfigSslServer > &configs)
	Map SSL custom configs' certificates to their oraganization. More...

static QString	sslErrorEnumString (QSslError::SslError errenum)
	Gets short strings describing an SSL error. More...

static QList< QPair< QSslError::SslError, QString > >	sslErrorEnumStrings ()
	Gets short strings describing SSL errors. More...

static QList< QSslError >	validateCertChain (const QList< QSslCertificate > &certificateChain, const QString &hostName=QString(), bool trustRootCa=false)
	validateCertChain validates the given certificateChain More...

static QStringList	validatePKIBundle (QgsPkiBundle &bundle, bool useIntermediates=true, bool trustRootCa=false)
	validatePKIBundle validate the PKI bundle by checking the certificate chain, the expiration and effective dates, optionally trusts the root CA More...

Detailed Description

Utilities for working with certificates and keys.

Definition at line 40 of file qgsauthcertutils.h.

Member Enumeration Documentation

◆ CaCertSource

enum QgsAuthCertUtils::CaCertSource

Type of CA certificate source.

Enumerator
SystemRoot
FromFile
InDatabase
Connection

Definition at line 44 of file qgsauthcertutils.h.

◆ CertTrustPolicy

enum QgsAuthCertUtils::CertTrustPolicy

Type of certificate trust policy.

Enumerator
DefaultTrust
Trusted
Untrusted
NoPolicy

Definition at line 53 of file qgsauthcertutils.h.

◆ CertUsageType

enum QgsAuthCertUtils::CertUsageType

Type of certificate usage.

Enumerator
UndeterminedUsage
AnyOrUnspecifiedUsage
CertAuthorityUsage
CertIssuerUsage
TlsServerUsage
TlsServerEvUsage
TlsClientUsage
CodeSigningUsage
EmailProtectionUsage
TimeStampingUsage
CRLSigningUsage

Definition at line 62 of file qgsauthcertutils.h.

◆ ConstraintGroup

enum QgsAuthCertUtils::ConstraintGroup

Type of certificate key group.

Enumerator
KeyUsage
ExtendedKeyUsage

Definition at line 78 of file qgsauthcertutils.h.

Member Function Documentation

◆ casFromFile()

QList< QSslCertificate > QgsAuthCertUtils::casFromFile ( const QString & certspath )

static

Returns a list of concatenated CAs from a PEM or DER formatted file.

Definition at line 142 of file qgsauthcertutils.cpp.

◆ casMerge()

QList< QSslCertificate > QgsAuthCertUtils::casMerge	(	const QList< QSslCertificate > &	bundle1,
		const QList< QSslCertificate > &	bundle2
	)

static

casMerge merges two certificate bundles in a single one removing duplicates, the certificates from the bundle2 are appended to bundle1 if not already there

Parameters

bundle1	first bundle
bundle2	second bundle

Returns: a list of unique certificates

Definition at line 156 of file qgsauthcertutils.cpp.

◆ casRemoveSelfSigned()

QList< QSslCertificate > QgsAuthCertUtils::casRemoveSelfSigned ( const QList< QSslCertificate > & caList )

static

casRemoveSelfSigned remove self-signed CA certificates from caList

Parameters

caList list of CA certificates

Returns: a list of non self-signed certificates

Definition at line 260 of file qgsauthcertutils.cpp.

◆ certFromFile()

QSslCertificate QgsAuthCertUtils::certFromFile ( const QString & certpath )

static

Returns the first cert from a PEM or DER formatted file.

Definition at line 178 of file qgsauthcertutils.cpp.

◆ certificateIsAuthority()

bool QgsAuthCertUtils::certificateIsAuthority ( const QSslCertificate & cert )

static

Gets whether a certificate is an Authority.

Definition at line 1016 of file qgsauthcertutils.cpp.

◆ certificateIsAuthorityOrIssuer()

bool QgsAuthCertUtils::certificateIsAuthorityOrIssuer ( const QSslCertificate & cert )

static

Gets whether a certificate is an Authority or can at least sign other certificates.

Definition at line 1026 of file qgsauthcertutils.cpp.

◆ certificateIsIssuer()

bool QgsAuthCertUtils::certificateIsIssuer ( const QSslCertificate & cert )

static

Gets whether a certificate can sign other certificates.

Definition at line 1021 of file qgsauthcertutils.cpp.

◆ certificateIsSslClient()

bool QgsAuthCertUtils::certificateIsSslClient ( const QSslCertificate & cert )

static

Gets whether a certificate is probably used for a client identity.

Definition at line 1153 of file qgsauthcertutils.cpp.

◆ certificateIsSslServer()

bool QgsAuthCertUtils::certificateIsSslServer ( const QSslCertificate & cert )

static

Gets whether a certificate is probably used for a SSL server.

Definition at line 1032 of file qgsauthcertutils.cpp.

◆ certificateUsageTypes()

QList< QgsAuthCertUtils::CertUsageType > QgsAuthCertUtils::certificateUsageTypes ( const QSslCertificate & cert )

static

Try to determine the certificates usage types.

Definition at line 941 of file qgsauthcertutils.cpp.

◆ certificateUsageTypeString()

QString QgsAuthCertUtils::certificateUsageTypeString ( QgsAuthCertUtils::CertUsageType usagetype )

static

Certificate usage type strings per enum.

Note: not available in Python bindings

Definition at line 911 of file qgsauthcertutils.cpp.

◆ certIsCurrent()

bool QgsAuthCertUtils::certIsCurrent ( const QSslCertificate & cert )

static

certIsCurrent checks if cert is viable for its not before and not after dates

Parameters

cert	certificate to be checked

Definition at line 1273 of file qgsauthcertutils.cpp.

◆ certIsViable()

bool QgsAuthCertUtils::certIsViable ( const QSslCertificate & cert )

static

certIsViable checks for viability errors of cert and whether it is NULL

Parameters

cert	certificate to be checked

Returns: false if cert is NULL or has viability errors

Definition at line 1305 of file qgsauthcertutils.cpp.

◆ certKeyBundleToPem()

QStringList QgsAuthCertUtils::certKeyBundleToPem	(	const QString &	certpath,
		const QString &	keypath,
		const QString &	keypass = `QString()`,
		bool	reencrypt = `true`
	)

static

Returns list of certificate, private key and algorithm (as PEM text) from file path components.

Parameters

certpath	File path to certificate
keypath	File path to private key
keypass	Passphrase for private key
reencrypt	Whether to re-encrypt the private key with the passphrase

Returns: certificate, private key, key's algorithm type

Definition at line 273 of file qgsauthcertutils.cpp.

◆ certsFromFile()

QList< QSslCertificate > QgsAuthCertUtils::certsFromFile ( const QString & certspath )

static

Returns a list of concatenated certs from a PEM or DER formatted file.

Definition at line 130 of file qgsauthcertutils.cpp.

◆ certsFromString()

QList< QSslCertificate > QgsAuthCertUtils::certsFromString ( const QString & pemtext )

static

Returns a list of concatenated certs from a PEM Base64 text block.

Definition at line 249 of file qgsauthcertutils.cpp.

◆ certsGroupedByOrg()

QMap< QString, QList< QSslCertificate > > QgsAuthCertUtils::certsGroupedByOrg ( const QList< QSslCertificate > & certs )

static

Map certificates to their oraganization.

Note: not available in Python bindings

Definition at line 70 of file qgsauthcertutils.cpp.

◆ certsToPemText()

QByteArray QgsAuthCertUtils::certsToPemText ( const QList< QSslCertificate > & certs )

static

certsToPemText dump a list of QSslCertificates to PEM text

Parameters

certs list of certs

Returns: a byte array of concatenated certificates as PEM text

Definition at line 564 of file qgsauthcertutils.cpp.

◆ certViabilityErrors()

QList< QSslError > QgsAuthCertUtils::certViabilityErrors ( const QSslCertificate & cert )

static

certViabilityErrors checks basic characteristics (validity dates, blocklisting, etc.) of given cert

Parameters

cert	certificate to be checked

Returns: list of QSslError (will return NO ERRORS if a null QSslCertificate is passed)

Definition at line 1281 of file qgsauthcertutils.cpp.

◆ fileData()

QByteArray QgsAuthCertUtils::fileData ( const QString & path )

static

Returns data from a local file via a read-only operation.

Parameters

path	Path to file to read

Returns: All data contained in file or empty contents if file does not exist

Definition at line 109 of file qgsauthcertutils.cpp.

◆ getCaSourceName()

QString QgsAuthCertUtils::getCaSourceName	(	QgsAuthCertUtils::CaCertSource	source,
		bool	single = `false`
	)

static

Gets the general name for CA source enum type.

Parameters

source	The enum source type for the CA
single	Whether to return singular or plural description

Definition at line 608 of file qgsauthcertutils.cpp.

◆ getCertDistinguishedName()

QString QgsAuthCertUtils::getCertDistinguishedName	(	const QSslCertificate &	qcert,
		const QCA::Certificate &	acert = `QCA::Certificate()`,
		bool	issuer = `false`
	)

static

Gets combined distinguished name for certificate.

Parameters

qcert	Qt SSL cert object
acert	QCA SSL cert object to add more info to the output
issuer	Whether to return cert's subject or issuer combined name

Note: not available in Python bindings

Definition at line 670 of file qgsauthcertutils.cpp.

◆ getCertTrustName()

QString QgsAuthCertUtils::getCertTrustName ( QgsAuthCertUtils::CertTrustPolicy trust )

static

Gets the general name for certificate trust.

Definition at line 720 of file qgsauthcertutils.cpp.

◆ getColonDelimited()

QString QgsAuthCertUtils::getColonDelimited ( const QString & txt )

static

Gets string with colon delimiters every 2 characters.

Definition at line 735 of file qgsauthcertutils.cpp.

◆ getSslProtocolName()

QString QgsAuthCertUtils::getSslProtocolName ( QSsl::SslProtocol protocol )

static

SSL Protocol name strings per enum.

Definition at line 36 of file qgsauthcertutils.cpp.

◆ keyFromFile()

QSslKey QgsAuthCertUtils::keyFromFile	(	const QString &	keypath,
		const QString &	keypass = `QString()`,
		QString *	algtype = `nullptr`
	)

static

Returns non-encrypted key from a PEM or DER formatted file.

Parameters

keypath	File path to private key
keypass	Passphrase for private key
algtype	QString to set with resolved algorithm type

Definition at line 193 of file qgsauthcertutils.cpp.

◆ mapDigestToCerts()

QMap< QString, QSslCertificate > QgsAuthCertUtils::mapDigestToCerts ( const QList< QSslCertificate > & certs )

static

Map certificate sha1 to certificate as simple cache.

Definition at line 60 of file qgsauthcertutils.cpp.

◆ mapDigestToSslConfigs()

QMap< QString, QgsAuthConfigSslServer > QgsAuthCertUtils::mapDigestToSslConfigs ( const QList< QgsAuthConfigSslServer > & configs )

static

Map SSL custom configs' certificate sha1 to custom config as simple cache.

Definition at line 84 of file qgsauthcertutils.cpp.

◆ pemIsPkcs8()

bool QgsAuthCertUtils::pemIsPkcs8 ( const QString & keyPemTxt )

static

Determine if the PEM-encoded text of a key is PKCS#8 format.

Parameters

keyPemTxt PEM-encoded text

Returns: true if PKCS#8, otherwise false

Definition at line 298 of file qgsauthcertutils.cpp.

◆ pemTextToTempFile()

QString QgsAuthCertUtils::pemTextToTempFile	(	const QString &	name,
		const QByteArray &	pemtext
	)

static

Write a temporary file for a PEM text of cert/key/CAs bundle component.

Parameters

pemtext	Component content as PEM text
name	Name of file

Returns: File path to temporary file

Definition at line 579 of file qgsauthcertutils.cpp.

◆ pkcs12BundleCas()

QList< QSslCertificate > QgsAuthCertUtils::pkcs12BundleCas	(	const QString &	bundlepath,
		const QString &	bundlepass = `QString()`
	)

static

Returns list of CA certificates (as QSslCertificate) for a PKCS#12 bundle.

Parameters

bundlepath	File path to the PKCS bundle
bundlepass	Passphrase for bundle

Returns: list of certificate

Definition at line 543 of file qgsauthcertutils.cpp.

◆ pkcs12BundleToPem()

QStringList QgsAuthCertUtils::pkcs12BundleToPem	(	const QString &	bundlepath,
		const QString &	bundlepass = `QString()`,
		bool	reencrypt = `true`
	)

static

Returns list of certificate, private key and algorithm (as PEM text) for a PKCS#12 bundle.

Parameters

bundlepath	File path to the PKCS bundle
bundlepass	Passphrase for bundle
reencrypt	Whether to re-encrypt the private key with the passphrase

Returns: certificate, private key, key's algorithm type

Definition at line 448 of file qgsauthcertutils.cpp.

◆ qcaKeyBundle()

QCA::KeyBundle QgsAuthCertUtils::qcaKeyBundle	(	const QString &	path,
		const QString &	pass
	)

static

PKI key/cert bundle from file path, e.g.

from .p12 or pfx files.

Note: not available in Python bindings

Definition at line 790 of file qgsauthcertutils.cpp.

◆ qcaKnownConstraint()

QString QgsAuthCertUtils::qcaKnownConstraint ( QCA::ConstraintTypeKnown constraint )

static

Certificate well-known constraint strings per enum.

Note: not available in Python bindings

Definition at line 866 of file qgsauthcertutils.cpp.

◆ qcaSignatureAlgorithm()

QString QgsAuthCertUtils::qcaSignatureAlgorithm ( QCA::SignatureAlgorithm algorithm )

static

Certificate signature algorithm strings per enum.

Note: not available in Python bindings

Definition at line 835 of file qgsauthcertutils.cpp.

◆ qcaValidityMessage()

QString QgsAuthCertUtils::qcaValidityMessage ( QCA::Validity validity )

static

Certificate validity check messages per enum.

Note: not available in Python bindings

Definition at line 802 of file qgsauthcertutils.cpp.

◆ qtCertsToQcaCollection()

QCA::CertificateCollection QgsAuthCertUtils::qtCertsToQcaCollection ( const QList< QSslCertificate > & certs )

static

Convert a QList of QSslCertificate to a QCA::CertificateCollection.

Note: not available in Python bindings

Definition at line 773 of file qgsauthcertutils.cpp.

◆ qtCertToQcaCert()

QCA::Certificate QgsAuthCertUtils::qtCertToQcaCert ( const QSslCertificate & cert )

static

Convert a QSslCertificate to a QCA::Certificate.

Note: not available in Python bindings

Definition at line 758 of file qgsauthcertutils.cpp.

◆ resolvedCertName()

QString QgsAuthCertUtils::resolvedCertName	(	const QSslCertificate &	cert,
		bool	issuer = `false`
	)

static

Gets the general name via RFC 5280 resolution.

Definition at line 625 of file qgsauthcertutils.cpp.

◆ shaHexForCert()

QString QgsAuthCertUtils::shaHexForCert	(	const QSslCertificate &	cert,
		bool	formatted = `false`
	)

static

Gets the sha1 hash for certificate.

Parameters

cert	Qt SSL certificate to generate hash from
formatted	Whether to colon-delimit the hash

Definition at line 748 of file qgsauthcertutils.cpp.

◆ sslConfigsGroupedByOrg()

QMap< QString, QList< QgsAuthConfigSslServer > > QgsAuthCertUtils::sslConfigsGroupedByOrg ( const QList< QgsAuthConfigSslServer > & configs )

static

Map SSL custom configs' certificates to their oraganization.

Note: not available in Python bindings

Definition at line 94 of file qgsauthcertutils.cpp.

◆ sslErrorEnumString()

QString QgsAuthCertUtils::sslErrorEnumString ( QSslError::SslError errenum )

static

Gets short strings describing an SSL error.

Definition at line 1158 of file qgsauthcertutils.cpp.

◆ sslErrorEnumStrings()

QList< QPair< QSslError::SslError, QString > > QgsAuthCertUtils::sslErrorEnumStrings ( )

static

Gets short strings describing SSL errors.

Note: not available in Python bindings

Definition at line 1219 of file qgsauthcertutils.cpp.

◆ validateCertChain()

QList< QSslError > QgsAuthCertUtils::validateCertChain	(	const QList< QSslCertificate > &	certificateChain,
		const QString &	hostName = `QString()`,
		bool	trustRootCa = `false`
	)

static

validateCertChain validates the given certificateChain

Parameters

certificateChain	list of certificates to be checked, with leaf first and with optional root CA last
hostName	(optional) name of the host to be verified
trustRootCa	if `true` the CA will be added to the trusted CAs for this validation check

Returns: list of QSslError, if the list is empty then the cert chain is valid

Definition at line 1310 of file qgsauthcertutils.cpp.

◆ validatePKIBundle()

QStringList QgsAuthCertUtils::validatePKIBundle	(	QgsPkiBundle &	bundle,
		bool	useIntermediates = `true`,
		bool	trustRootCa = `false`
	)

static

validatePKIBundle validate the PKI bundle by checking the certificate chain, the expiration and effective dates, optionally trusts the root CA

Parameters

bundle
useIntermediates	if `true` the intermediate certs are also checked
trustRootCa	if `true` the CA will be added to the trusted CAs for this validation check (if useIntermediates is `false`) this option is ignored and set to `false`

Returns: a list of error strings, if the list is empty then the PKI bundle is valid

Definition at line 1360 of file qgsauthcertutils.cpp.

The documentation for this class was generated from the following files:

/build/qgis-3.20.0+99unstable/src/core/auth/qgsauthcertutils.h
/build/qgis-3.20.0+99unstable/src/core/auth/qgsauthcertutils.cpp

Public Types

Static Public Member Functions

Detailed Description

Member Enumeration Documentation

◆ CaCertSource

◆ CertTrustPolicy

◆ CertUsageType

◆ ConstraintGroup

Member Function Documentation

◆ casFromFile()

◆ casMerge()

◆ casRemoveSelfSigned()

◆ certFromFile()

◆ certificateIsAuthority()

◆ certificateIsAuthorityOrIssuer()

◆ certificateIsIssuer()

◆ certificateIsSslClient()

◆ certificateIsSslServer()

◆ certificateUsageTypes()

◆ certificateUsageTypeString()

◆ certIsCurrent()

◆ certIsViable()

◆ certKeyBundleToPem()

◆ certsFromFile()

◆ certsFromString()

◆ certsGroupedByOrg()

◆ certsToPemText()

◆ certViabilityErrors()

◆ fileData()

◆ getCaSourceName()

◆ getCertDistinguishedName()

◆ getCertTrustName()

◆ getColonDelimited()

◆ getSslProtocolName()

◆ keyFromFile()

◆ mapDigestToCerts()

◆ mapDigestToSslConfigs()

◆ pemIsPkcs8()

◆ pemTextToTempFile()

◆ pkcs12BundleCas()

◆ pkcs12BundleToPem()

◆ qcaKeyBundle()

◆ qcaKnownConstraint()

◆ qcaSignatureAlgorithm()

◆ qcaValidityMessage()

◆ qtCertsToQcaCollection()

◆ qtCertToQcaCert()

◆ resolvedCertName()

◆ shaHexForCert()

◆ sslConfigsGroupedByOrg()

◆ sslErrorEnumString()

◆ sslErrorEnumStrings()

◆ validateCertChain()

◆ validatePKIBundle()