Ssl_ctx (async_ssl.Async_ssl.Ffi.Ssl

include sig ... end

val sexp_of_t : t ‑> Sexplib.Sexp.t

val create_exn : Version.t ‑> t

Initialize a new SSL context, out of which all SSL connections are allocated.

val set_options : t ‑> Opt.t list ‑> unit

Set options on the SSL context, see Opt for available options. Currently used for disabling protocol versions.

val load_verify_locations : ?ca_file:string ‑> ?ca_path:string ‑> t ‑> unit Core.Or_error.t Async.Deferred.t

Specifies the locations for the context, at which CA certificates for verification purposes are located. The certificates available via ca_file and ca_path are trusted.

If ca_file is not None, it points to a file of CA certificates in PEM format. It may have more than one certificate.

If ca_path is not None, it points to a directory containing CA certificates in PEM format. The files each contain one CA certificate. The certificates in ca_path are only looked up lazily, not eagarly.

Prepare the directory /some/where/certs containing several CA certificates for use as ca_path:

{ cd /some/where/certs c_rehash . }

If both ca_file and ca_path are specified, the certificates in ca_file will be searched before the certificates in ca_path.

val set_session_id_context : t ‑> string ‑> unit

Set context within which session can be reused, e.g. the name of the application and/or the hostname and/or service name, etc. Server side only.

https://www.openssl.org/docs/manmaster/ssl/SSL_CTX_set_session_id_context.html