Changes

178 bytes added ,  17:49, 28 March 2016
no edit summary
Line 342: Line 342:  
Initially a HTTP context will not trust ''any'' root-CAs at all. Which root-CAs to trust must be ''explicitly'' specified via the add-root-CA service command(s).
 
Initially a HTTP context will not trust ''any'' root-CAs at all. Which root-CAs to trust must be ''explicitly'' specified via the add-root-CA service command(s).
   −
RootCertChains can be used to easily select a particular chain of trusted root-CAs with multiple HTTP contexts, without having to re-send each of the root-CA commands for each HTTP context. The maximum number of RootCertChains that can exist for a HTTPC service session handle, is only 1.
+
RootCertChains can be used to easily select a particular chain of trusted root-CAs with multiple HTTP contexts, without having to re-send each of the root-CA commands for each HTTP context. The maximum number of RootCertChains that can exist for an user-process, is only 1.
    
When using the context-specific RootCA commands such as [[HTTPC:AddTrustedRootCA]] where [[HTTPC:SelectRootCertChain]] was already used, the cert will just be added to the selected RootCertChain.
 
When using the context-specific RootCA commands such as [[HTTPC:AddTrustedRootCA]] where [[HTTPC:SelectRootCertChain]] was already used, the cert will just be added to the selected RootCertChain.
 +
 +
=ClientCert Contexts=
 +
These are basically the same as RootCertChains except for TLS client cert+privk. The maximum number of ClientCert-contexts that can exist for an user-process, is only 1.
    
= Error codes =
 
= Error codes =