mongoc_client_encryption_opts_set_tls_opts − mongoc_client_encryption_opts_set_tls_opts()
void mongoc_client_encryption_opts_set_tls_opts ( mongoc_client_encryption_opts_t *opts, const bson_t *tls_opts);
• |
opts: The mongoc_client_encryption_opts_t | ||
• |
tls_opts: A bson_t mapping a Key Management Service (KMS) provider name to a BSON document with TLS options. |
tls_opts is a BSON document of the following form:
<KMS provider name>: { tlsCaFile: Optional<String> tlsCertificateKeyFile: Optional<String> tlsCertificateKeyFilePassword: Optional<String> }
The KMS providers aws, azure, gcp, and kmip are supported as keys in the tls_opts document.
tls_opts maps the KMS provider name to a BSON document for TLS options.
The BSON document for TLS options may contain the following keys:
• |
MONGOC_URI_TLSCERTIFICATEKEYFILE |
|||
• |
MONGOC_URI_TLSCERTIFICATEKEYFILEPASSWORD |
|||
• |
MONGOC_URI_TLSCAFILE |
Example use
mongoc_client_encryption_opts_t *ce_opts = mongoc_client_encryption_opts_new (); bson_t *tls_opts = bson_new (); BCON_APPEND (tls_opts, "kmip", "{", MONGOC_URI_TLSCAFILE, "ca1.pem", "}"); BCON_APPEND (tls_opts, "aws", "{", MONGOC_URI_TLSCAFILE, "ca2.pem", "}"); mongoc_client_encryption_opts_set_tls_opts (ce_opts, tls_opts);
See Configuring TLS for a description of the behavior of these options.
SEE ALSO:
In−Use Encryption
MongoDB, Inc
2017-present, MongoDB, Inc