SSL_load_client_CA_file_ex, SSL_load_client_CA_file, SSL_add_file_cert_subjects_to_stack,

       Copyright 2000-2024 The OpenSSL Project Authors. All Rights Reserved.

       Licensed under the Apache License 2.0 (the "License").  You may not use this file  except  in  compliance
       with  the  License.   You  can  obtain  a  copy  in  the  file  LICENSE  in the source distribution or at
       <https://www.openssl.org/source/license.html>.

3.5.0                                              2025-06-04                      SSL_LOAD_CLIENT_CA_FILE(3SSL)

SSL_load_client_CA_file_ex() reads certificates from file and returns a STACK_OF(X509_NAME) with the
       subject names found. The library context libctx and property query propq are used when fetching
       algorithms from providers.

       SSL_load_client_CA_file() is similar to SSL_load_client_CA_file_ex() but uses NULL for the library
       context libctx and property query propq.

       SSL_add_file_cert_subjects_to_stack() reads certificates from file, and adds their subject name to the
       already existing stack.

       SSL_add_dir_cert_subjects_to_stack() reads certificates from every file in the directory dir, and adds
       their subject name to the already existing stack.

       SSL_add_store_cert_subjects_to_stack() loads certificates from the store URI, and adds their subject name
       to the already existing stack.

       Load names of CAs from file and use it as a client CA list:

        SSL_CTX *ctx;
        STACK_OF(X509_NAME) *cert_names;

        ...
        cert_names = SSL_load_client_CA_file("/path/to/CAfile.pem");
        if (cert_names != NULL)
            SSL_CTX_set_client_CA_list(ctx, cert_names);
        else
            /* error */
        ...

SSL_load_client_CA_file_ex() and SSL_add_store_cert_subjects_to_stack() were added in OpenSSL 3.0.

       SSL_load_client_CA_file_ex, SSL_load_client_CA_file, SSL_add_file_cert_subjects_to_stack,
       SSL_add_dir_cert_subjects_to_stack, SSL_add_store_cert_subjects_to_stack - load certificate names

SSL_load_client_CA_file() reads a file of PEM formatted certificates and extracts the X509_NAMES of the
       certificates found. While the name suggests the specific usage as support function for
       SSL_CTX_set_client_CA_list(3), it is not limited to CA certificates.

       The following return values can occur for SSL_load_client_CA_file_ex(), and SSL_load_client_CA_file():

       NULL
           The operation failed, check out the error stack for the reason.

       Pointer to STACK_OF(X509_NAME)
           Pointer to the subject names of the successfully read certificates.

       The     following     return     values     can    occur    for    SSL_add_file_cert_subjects_to_stack(),
       SSL_add_dir_cert_subjects_to_stack(), and SSL_add_store_cert_subjects_to_stack():

       0 (Failure)
           The operation failed.

       1 (Success)
           The operation succeeded.

ssl(7), ossl_store(7), SSL_CTX_set_client_CA_list(3)

        #include <openssl/ssl.h>

        STACK_OF(X509_NAME) *SSL_load_client_CA_file_ex(const char *file,
                                                        OSSL_LIB_CTX *libctx,
                                                        const char *propq);
        STACK_OF(X509_NAME) *SSL_load_client_CA_file(const char *file);

        int SSL_add_file_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
                                                const char *file);
        int SSL_add_dir_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
                                               const char *dir);
        int SSL_add_store_cert_subjects_to_stack(STACK_OF(X509_NAME) *stack,
                                                 const char *store);