HP OpenVMS Systems Documentation

Content starts here
HP Open Source Security for OpenVMS Volume 2: HP SSL for OpenVMS

SSL Application Programming Interface (API) Reference

  Table of Contents


This reference section includes the OpenSSL SSL APIs, and is based on information provided by The Open Group. This information can also be found at the following URL:


The OpenSSL SSL library implements the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols.

This library is provided in the form of a shareable image and is located at:


The C header files (.H) that contain the prototypes for these APIs are found in SSL$ROOT:[INCLUDE]. A logical name, SSL$INCLUDE, allows you to access this directory. The logical name OPENSSL, which points to SSL$INCLUDE, is provided so that applications can use statements similar to the following:

#include <openssl/include.filename.h>
NOTE: Do not confuse the OPENSSL logical name with the OPENSSL foreign symbol. The foreign symbol provides access to the OpenSSL command line interface.

Table of Contents

d2i_SSL_SESSION() - convert SSL_SESSION object from/to ASN1 representation
SSL() - OpenSSL SSL/TLS library
SSL_accept() - wait for a TLS/SSL client to initiate a TLS/SSL handshake
SSL_alert_type_string() - get textual description of alert information
SSL_CIPHER_get_name() - get SSL_CIPHER properties
SSL_clear() - reset SSL object to allow another connection
SSL_COMP_add_compression_method() - handle SSL/TLS integrated compression methods
SSL_connect() - initiate the TLS/SSL handshake with an TLS/SSL server
SSL_CTX_add_extra_chain_cert() - add certificate to chain
SSL_CTX_add_session() - manipulate session cache
SSL_CTX_ctrl() - internal handling functions for SSL_CTX and SSL objects
SSL_CTX_flush_sessions() - remove expired sessions
SSL_CTX_free() - free an allocated SSL_CTX object
SSL_CTX_get_ex_new_index() - internal application specific data functions
SSL_CTX_get_verify_mode() - get currently set verification parameters
SSL_CTX_load_verify_locations() - set default locations for trusted CA certificates
SSL_CTX_new() - create a new SSL_CTX object as framework for TLS/SSL enabled functions
SSL_CTX_sess_number() - obtain session cache statistics
SSL_CTX_sess_set_cache_size() - manipulate session cache size
SSL_CTX_sess_set_new_cb() - provide callback functions for server side external session caching
SSL_CTX_sessions() - access internal session cache
SSL_CTX_set_cert_store() - manipulate X509 certificate verification storage
SSL_CTX_set_cert_verify_callback() - set peer certificate verification procedure
SSL_CTX_set_cipher_list() - choose list of available SSL_CIPHERs
SSL_CTX_set_client_CA_list() - set list of CAs sent to the client when requesting a client certificate
SSL_CTX_set_client_cert_cb() - handle client certificate callback function
SSL_CTX_set_default_passwd_cb() - set passwd callback for encrypted PEM file handling
SSL_CTX_set_generate_session_id() - manipulate generation of SSL session IDs (server only)
SSL_CTX_set_info_callback() - handle information callback for SSL connections
SSL_CTX_set_max_cert_list() - manipulate allowed for the peer's certificate chain
SSL_CTX_set_mode() - manipulate SSL engine mode
SSL_CTX_set_msg_callback() - install callback for observing protocol messages
SSL_CTX_set_options() - manipulate SSL engine options
SSL_CTX_set_quiet_shutdown() - manipulate shutdown behaviour
SSL_CTX_set_session_cache_mode() - enable/disable session caching
SSL_CTX_set_session_id_context() - set context within which session can be reused (server side only)
SSL_CTX_set_ssl_version() - choose a new TLS/SSL method
SSL_CTX_set_timeout() - manipulate timeout values for session caching
SSL_CTX_set_tmp_dh_callback() - handle DH keys for ephemeral key exchange
SSL_CTX_set_tmp_rsa_callback() - handle RSA keys for ephemeral key exchange
SSL_CTX_set_verify() - set peer certificate verification parameters
SSL_CTX_use_certificate() - load certificate and key data
SSL_do_handshake() - perform a TLS/SSL handshake
SSL_free() - free an allocated SSL structure
SSL_get_ciphers() - get list of available SSL_CIPHERs
SSL_get_client_CA_list() - get list of client CAs
SSL_get_current_cipher() - get SSL_CIPHER of a connection
SSL_get_default_timeout() - get default session timeout value
SSL_get_error() - obtain result code for TLS/SSL I/O operation
SSL_get_ex_data_X509_STORE_CTX_idx() - get ex_data index to access SSL structure from X509_STORE_CTX
SSL_get_ex_new_index() - internal application specific data functions
SSL_get_fd() - get file descriptor linked to an SSL object
SSL_get_peer_cert_chain() - get the X509 certificate chain of the peer
SSL_get_peer_certificate() - get the X509 certificate of the peer
SSL_get_rbio() - get BIO linked to an SSL object
SSL_get_session() - retrieve TLS/SSL session data
SSL_get_SSL_CTX() - get the SSL_CTX from which an SSL is created
SSL_get_verify_result() - get result of peer certificate verification
SSL_get_version() - get the protocol version of a connection.
SSL_library_init() - initialize SSL library by registering algorithms
SSL_load_client_CA_file() - load certificate names from file
SSL_new() - create a new SSL structure for a connection
SSL_pending() - obtain number of readable bytes buffered in an SSL object
SSL_read() - read bytes from a TLS/SSL connection.
SSL_rstate_string() - get textual description of state of an SSL object during read operation
SSL_SESSION_free() - free an allocated SSL_SESSION structure
SSL_SESSION_get_ex_new_index() - internal application specific data functions
SSL_SESSION_get_time() - retrieve and manipulate session time and timeout settings
SSL_session_reused() - query whether a reused session was negotiated during handshake
SSL_set_bio() - connect the SSL object with a BIO
SSL_set_connect_state() - prepare SSL object to work in client or server mode
SSL_set_fd() - connect the SSL object with a file descriptor
SSL_set_session() - set a TLS/SSL session to be used during TLS/SSL connect
SSL_set_shutdown() - manipulate shutdown state of an SSL connection
SSL_set_verify_result() - override result of peer certificate verification
SSL_shutdown() - shut down a TLS/SSL connection
SSL_state_string() - get textual description of state of an SSL object
SSL_want() - obtain state information TLS/SSL I/O operation
SSL_write() - write bytes to a TLS/SSL connection.