trustedRootCertificates

CFArrayRef Ice::SSL::SecureTransportServerAuthenticationOptions::trustedRootCertificates = nullptr

The trusted root certificates used for validating the client's certificate chain.

If this field is set, the client's certificate chain is validated against these certificates; otherwise, the system's default root certificates are used.

The trusted root certificates are used by both the default validation callback and by custom validation callbacks set in clientCertificateValidationCallback.

This is equivalent to calling SecTrustSetAnchorCertificates with the CFArrayRef object, and SecTrustSetAnchorCertificatesOnly with the anchorCertificatesOnly parameter set to true.

Example of setting trustedRootCertificates:

    CFArrayRef rootCerts = {};
    // Populate root certs with X.509 trusted root certificates
    communicator->createObjectAdapterWithEndpoints(
        "Hello",
        "ssl -h 127.0.0.1 -p 10000",
        Ice::SSL::ServerAuthenticationOptions{.trustedRootCertificates = rootCerts});
    CFRelease(rootCerts); // It is safe to release the rootCerts now.

Definition at line 161 of file ServerAuthenticationOptions.h.