mongoc_auto_encryption_opts_set_tls_opts

Synopsis

void
mongoc_auto_encryption_opts_set_tls_opts (
   mongoc_auto_encryption_opts_t *opts, const bson_t *tls_opts);

Parameters

tls_opts is a BSON document of the following form:

<KMS provider>: {
   tlsCaFile: Optional<String>
   tlsCertificateKeyFile: Optional<String>
   tlsCertificateKeyFilePassword: Optional<String>
}

The KMS providers aws, azure, gcp, and kmip are supported as keys in the tls_opts document. They may include an optional name suffix separated with a colon. Example: aws:name2.

tls_opts maps the KMS provider name to a BSON document for TLS options.

The BSON document for TLS options may contain the following keys:

Example use

mongoc_auto_encryption_opts_t *ae_opts = mongoc_auto_encryption_opts_new ();
bson_t *tls_opts = bson_new ();

BCON_APPEND (tls_opts, "kmip", "{", MONGOC_URI_TLSCAFILE, "ca1.pem", "}");
BCON_APPEND (tls_opts, "aws", "{", MONGOC_URI_TLSCAFILE, "ca2.pem", "}");
mongoc_auto_encryption_opts_set_tls_opts (ae_opts, tls_opts);

See Configuring TLS for a description of the behavior of these options.

SEE ALSO:

mongoc_client_enable_auto_encryption()
In-Use Encryption

Author

MongoDB, Inc

Info

Nov 07, 2024 1.29.0 libmongoc