pub struct TrustSettings { /* private fields */ }
Expand description
Allows access to the certificates and their trust settings in a given domain.
Implementations§
Source§impl TrustSettings
impl TrustSettings
Sourcepub fn new(domain: Domain) -> Self
pub fn new(domain: Domain) -> Self
Create a new TrustSettings
for the given domain.
You can call iter()
to discover the certificates with settings in this domain.
Then you can call tls_trust_settings_for_certificate()
with a given certificate
to learn what the aggregate trust setting for that certificate within this domain.
Sourcepub fn iter(&self) -> Result<TrustSettingsIter>
pub fn iter(&self) -> Result<TrustSettingsIter>
Create an iterator over the certificates with settings in this domain. This produces an empty iterator if there are no such certificates.
Sourcepub fn set_trust_settings_always(&self, cert: &SecCertificate) -> Result<()>
pub fn set_trust_settings_always(&self, cert: &SecCertificate) -> Result<()>
set trust settings to ““always trust this root certificate regardless of use.”. Sets the trust settings for the provided certificate to “always trust this root certificate regardless of use.”
This method configures the trust settings for the specified certificate, indicating that it should always be trusted as a TLS root certificate, regardless of its usage.
If successful, the trust settings are updated for the certificate in the given domain. If the certificate had no previous trust settings in the domain, new trust settings are created. If the certificate had existing trust settings, they are replaced with the new settings.
It is not possible to modify per-user trust settings when not running in a GUI
environment, if you try it will return error 2070: errSecInternalComponent
Sourcepub fn tls_trust_settings_for_certificate(
&self,
cert: &SecCertificate,
) -> Result<Option<TrustSettingsForCertificate>>
pub fn tls_trust_settings_for_certificate( &self, cert: &SecCertificate, ) -> Result<Option<TrustSettingsForCertificate>>
Returns the aggregate trust setting for the given certificate.
This tells you whether the certificate should be trusted as a TLS root certificate.
If the certificate has no trust settings in the given domain, the
errSecItemNotFound
error is returned.
If the certificate has no specific trust settings for TLS in the
given domain None
is returned.
Otherwise, the specific trust settings are aggregated and returned.