since: 2.72


g_tls_certificate_new_from_pkcs12 (
  const guint8* data,
  gsize length,
  const gchar* password,
  GError** error


Creates a GTlsCertificate from the data in data. It must contain a certificate and matching private key.

If extra certificates are included they will be verified as a chain and the GTlsCertificate:issuer property will be set. All other data will be ignored.

You can pass as single password for all of the data which will be used both for the PKCS #12 container as well as encrypted private keys. If decryption fails it will error with G_TLS_ERROR_BAD_CERTIFICATE_PASSWORD.

This constructor requires support in the current GTlsBackend. If support is missing it will error with G_IO_ERROR_NOT_SUPPORTED.

Other parsing failures will error with G_TLS_ERROR_BAD_CERTIFICATE.

Available since: 2.72



Type: An array of guint8

DER-encoded PKCS #12 format certificate data.

The length of the array is specified in the length argument.
The data is owned by the caller of the function.

Type: gsize

The length of data.


Type: const gchar*

Optional password for encrypted certificate data.

The argument can be NULL.
The data is owned by the caller of the function.
The value is a NUL terminated UTF-8 string.

Type: GError **

The return location for a recoverable error.

The argument can be NULL.
If the return location is not NULL, then you must initialize it to a NULL GError*.
The argument will left initialized to NULL by the constructor if there are no errors.
In case of error, the argument will be set to a newly allocated GError; the caller will take ownership of the data, and be responsible for freeing it.

Return value

Type: GTlsCertificate

The new certificate, or NULL if data is invalid.

The caller of the function takes ownership of the data, and is responsible for freeing it.