table of contents
MONGOC_AUTO_ENCRYPTION_OPTS_SET_TLS_OPTS(3) | libmongoc | MONGOC_AUTO_ENCRYPTION_OPTS_SET_TLS_OPTS(3) |
SYNOPSIS¶
void mongoc_auto_encryption_opts_set_tls_opts (
mongoc_auto_encryption_opts_t *opts, const bson_t *tls_opts);
PARAMETERS¶
- opts: The mongoc_auto_encryption_opts_t
- tls_opts: A bson_t mapping a Key Management Service (KMS) provider to a BSON document with TLS options.
tls_opts is a BSON document of the following form:
<KMS provider>: {
tlsCaFile: Optional<String>
tlsCertificateKeyFile: Optional<String>
tlsCertificateKeyFilePassword: Optional<String> }
The KMS providers aws, azure, gcp, and kmip are supported as keys in the tls_opts document. They may include an optional name suffix separated with a colon. Example: aws:name2.
tls_opts maps the KMS provider name to a BSON document for TLS options.
The BSON document for TLS options may contain the following keys:
- MONGOC_URI_TLSCERTIFICATEKEYFILE
- MONGOC_URI_TLSCERTIFICATEKEYFILEPASSWORD
- MONGOC_URI_TLSCAFILE
Example use
mongoc_auto_encryption_opts_t *ae_opts =
mongoc_auto_encryption_opts_new (); bson_t *tls_opts = bson_new (); BCON_APPEND (tls_opts, "kmip", "{", MONGOC_URI_TLSCAFILE, "ca1.pem", "}"); BCON_APPEND (tls_opts, "aws", "{", MONGOC_URI_TLSCAFILE, "ca2.pem", "}"); mongoc_auto_encryption_opts_set_tls_opts (ae_opts, tls_opts);
See Configuring TLS for a description of the behavior of these options.
SEE ALSO:
mongoc_client_enable_auto_encryption()
In-Use Encryption
AUTHOR¶
MongoDB, Inc
COPYRIGHT¶
2017-present, MongoDB, Inc
February 25, 2024 | 1.26.0 |