dnp3::TlsClientConfig Struct Reference

TLS client configuration. More...

#include <dnp3.hpp>

Public Member Functions
	TlsClientConfig (const std::string &dns_name, const std::string &peer_cert_path, const std::string &local_cert_path, const std::string &private_key_path, const std::string &password)
	construct the configuration with defaults More...

Public Attributes
std::string	dns_name
	Subject name which is verified in the presented server certificate, from the SAN extension or in the common name field. More...
std::string	peer_cert_path
	Path to the PEM-encoded certificate of the peer. More...
std::string	local_cert_path
	Path to the PEM-encoded local certificate. More...
std::string	private_key_path
	Path to the the PEM-encoded private key. More...
std::string	password
	Optional password if the private key file is encrypted. More...
MinTlsVersion	min_tls_version
	Minimum TLS version allowed. More...
CertificateMode	certificate_mode
	Certificate validation mode. More...
bool	allow_server_name_wildcard
	If set to true, a '*' may be used for TlsClientConfig::dns_name to bypass server name validation. More...

Friends
class	CppTlsClientConfigFriend

Detailed Description

TLS client configuration.

Constructor & Destructor Documentation

TlsClientConfig()

dnp3::TlsClientConfig::TlsClientConfig	(	const std::string &	dns_name,
		const std::string &	peer_cert_path,
		const std::string &	local_cert_path,
		const std::string &	private_key_path,
		const std::string &	password
	)

construct the configuration with defaults

Note

Values are initialized to:

• TlsClientConfig::min_tls_version : MinTlsVersion::v12
• TlsClientConfig::certificate_mode : CertificateMode::authority_based
• TlsClientConfig::allow_server_name_wildcard : false

Parameters

dns_name	Subject name which is verified in the presented server certificate, from the SAN extension or in the common name field.
peer_cert_path	Path to the PEM-encoded certificate of the peer
local_cert_path	Path to the PEM-encoded local certificate
private_key_path	Path to the the PEM-encoded private key
password	Optional password if the private key file is encrypted

Returns

New instance of TlsClientConfig

Member Data Documentation

allow_server_name_wildcard

bool dnp3::TlsClientConfig::allow_server_name_wildcard

If set to true, a '*' may be used for TlsClientConfig::dns_name to bypass server name validation.

certificate_mode

CertificateMode dnp3::TlsClientConfig::certificate_mode

Certificate validation mode.

dns_name

std::string dnp3::TlsClientConfig::dns_name

Subject name which is verified in the presented server certificate, from the SAN extension or in the common name field.

Warning

This argument is only used when used with CertificateMode::authority_based

local_cert_path

std::string dnp3::TlsClientConfig::local_cert_path

Path to the PEM-encoded local certificate.

min_tls_version

MinTlsVersion dnp3::TlsClientConfig::min_tls_version

Minimum TLS version allowed.

password

std::string dnp3::TlsClientConfig::password

Optional password if the private key file is encrypted.

Only PKCS#8 encrypted files are supported.

Pass empty string if the file is not encrypted.

peer_cert_path

std::string dnp3::TlsClientConfig::peer_cert_path

Path to the PEM-encoded certificate of the peer.

private_key_path

std::string dnp3::TlsClientConfig::private_key_path

Path to the the PEM-encoded private key.

---

The documentation for this struct was generated from the following file:

• dnp3.hpp