This verifies this and returns a set of TlsCertificateFlags indicating any problems found with it.
This can be used to verify a certificate outside the context of making a connection, or to check a certificate against a CA that is not part of the system CA database.
If identity is not null, this's name(s) will
be compared against it, and g_tls_certificate_bad_identity will be set in the return value if
it does not match. If identity is null, that bit will never be set in the
return value.
If trusted_ca is not null, then this (or one
of the certificates in its chain) must be signed by it, or else g_tls_certificate_unknown_ca
will be set in the return value. If trusted_ca is null, that bit will never be
set in the return value.
(All other TlsCertificateFlags values will always be set or unset as appropriate.)
| this | |
| identity |
the expected peer identity |
| trusted_ca |
the certificate of a trusted authority |
|
the appropriate TlsCertificateFlags |