Interface TLSContext
Encapsulates the configuration for an TLS tunnel.
interface TLSContext
;
Note that when creating an TLSContext with TLSContextKind.client, the peerValidationMode will be set to TLSPeerValidationMode.trustedCert, but no trusted certificate authorities are added by default. Use useTrustedCertificateFile to add those.
Properties
Name | Type | Description |
---|---|---|
alpnCallback [get, set]
|
@safe string delegate(string[]) | Callback function invoked to choose alpn (client side) |
kind [get]
|
TLSContextKind | The kind of TLS context (client/server) |
maxCertChainLength [get, set]
|
int | The maximum length of an accepted certificate chain. |
peerValidationCallback [get, set]
|
@safe bool delegate(scope TLSPeerValidationData) | An optional user callback for peer validation. |
peerValidationMode [get, set]
|
TLSPeerValidationMode | Specifies the validation level of remote peers. |
sniCallback [get, set]
|
@safe TLSContext delegate(string) | The callback used to associcate host names with TLS certificates/contexts. |
Methods
Name | Description |
---|---|
createStream
(underlying, state, peer_name, peer_address)
|
Creates a new stream associated to this context. |
setCipherList
(list)
|
Set the list of cipher specifications to use for TLS tunnels. |
setClientALPN
(alpn)
|
Setter method invoked to offer ALPN (server side) |
setDHParams
(pem_file)
|
Set params to use for DH cipher. |
setECDHCurve
(curve)
|
Set the elliptic curve to use for ECDH cipher. |
useCertificateChainFile
(path)
|
Sets a certificate file to use for authenticating to the remote peer |
usePrivateKeyFile
(path)
|
Sets the private key to use for authenticating to the remote peer based on the configured certificate chain file. |
useTrustedCertificateFile
(path)
|
Sets the list of trusted certificates for verifying peer certificates. |