TlsCertificateFlags
Added in version 2.28.
- class TlsCertificateFlags
A set of flags describing TLS certification validation. This can be
used to describe why a particular certificate was rejected (for
example, in TlsConnection
::accept-certificate).
GLib guarantees that if certificate verification fails, at least one
flag will be set, but it does not guarantee that all possible flags
will be set. Accordingly, you may not safely decide to ignore any
particular type of error. For example, it would be incorrect to mask
EXPIRED
if you want to allow expired certificates,
because this could potentially be the only error flag set even if
other problems exist with the certificate.
Fields
- class TlsCertificateFlags
- BAD_IDENTITY
The certificate does not match the expected identity of the site that it was retrieved from.
- EXPIRED
The certificate has expired
- GENERIC_ERROR
Some other error occurred validating the certificate
- INSECURE
The certificate’s algorithm is considered insecure.
- NOT_ACTIVATED
The certificate’s activation time is still in the future
- NO_FLAGS
No flags set. Since: 2.74
- REVOKED
The certificate has been revoked according to the
TlsConnection
’s certificate revocation list.
- UNKNOWN_CA
The signing certificate authority is not known.
- VALIDATE_ALL
The combination of all of the above flags