SYNOPSIS¶

void
mongoc_auto_encryption_opts_set_tls_opts (


   mongoc_auto_encryption_opts_t *opts, const bson_t *tls_opts);

PARAMETERS¶

opts: The mongoc_auto_encryption_opts_t <>
tls_opts: A bson_t <https://www.mongoc.org/libbson/current/bson_t.html> mapping a Key Management Service (KMS) provider to a BSON document with TLS options.

tls_opts is a BSON document of the following form:

<KMS provider>: {


   tlsCaFile: Optional<String>


   tlsCertificateKeyFile: Optional<String>


   tlsCertificateKeyFilePassword: Optional<String>
}

The KMS providers aws, azure, gcp, and kmip are supported as keys in the tls_opts document. They may include an optional name suffix separated with a colon. Example: aws:name2.

tls_opts maps the KMS provider name to a BSON document for TLS options.

The BSON document for TLS options may contain the following keys:

MONGOC_URI_TLSCERTIFICATEKEYFILE
MONGOC_URI_TLSCERTIFICATEKEYFILEPASSWORD
MONGOC_URI_TLSCAFILE

Example use

mongoc_auto_encryption_opts_t *ae_opts = mongoc_auto_encryption_opts_new();
bson_t *tls_opts = bson_new();
BCON_APPEND(tls_opts, "kmip", "{", MONGOC_URI_TLSCAFILE, "ca1.pem", "}");
BCON_APPEND(tls_opts, "aws", "{", MONGOC_URI_TLSCAFILE, "ca2.pem", "}");
mongoc_auto_encryption_opts_set_tls_opts(ae_opts, tls_opts);

See Configuring TLS <https://www.mongodb.com/docs/languages/c/c-driver/current/libmongoc/guides/configuring_tls/> for a description of the behavior of these options.

See also:

mongoc_client_enable_auto_encryption() <>

In-Use Encryption <https://www.mongodb.com/docs/languages/c/c-driver/current/libmongoc/guides/in-use-encryption/>

Author¶

MongoDB, Inc

Copyright¶

2009-present, MongoDB, Inc.

December 11, 2025

2.2.1

Source file:	mongoc_auto_encryption_opts_set_tls_opts.3.en.gz (from libmongoc-doc 2.2.1-1)
Source last updated:	2025-12-11T19:57:45Z
Converted to HTML:	2025-12-30T11:44:31Z