NAME
upscli_init - Initialize upsclient module specifying security properties.
SYNOPSIS
Note
|
Two NUT websites
This version of the page reflects NUT release v2.8.0 with codebase commited ff16dabca at 2022-04-04T11:04:28+00:00 Options, features and capabilities in current development (and future releases) are detailed on the main site and may differ from ones described here. |
#include <upsclient.h>
int upscli_init(int certverify, const char *certpath,
const char *certname, const char *certpasswd);
DESCRIPTION
The upscli_init() function initialize upsclient module and set many SSL-related properties: certverify to 1 makes certificate verification required for all SSL connections and certpath is the location of certificate database.
If compiled with OpenSSL, certpath refers to directory containing certificates where the certificates must be named according to their hash values ending in a ".0" extension. If two certificates result in the same hash value (thus file name), the ".0" can be incremented to ".1" and so on, as needed. The bash command for creating links in this manner would be:
ln -s ca.pem ./$(openssl x509 -hash -noout -in ca.pem).0
Alternatively, the c_rehash utility (provided by openssl-perl) can take a directory and iterate it to link all certificates found in that directory, in the manner described above.
If compiled with NSS, certpath refers to a directory containing database files.
If compiled with NSS and using SSL, you can specify certname the name of the certificate to send to upsd and certpasswd the password used to decrypt certificate private key.
You can call upscli_add_host_cert(3) to register specific host security policy before initialize connections to them.
You must call upscli_cleanup(3) when exiting application.
RETURN VALUE
The upscli_init() function returns 1 on success, or -1 if an error occurs.