1 files changed, 33 insertions, 0 deletions

diff --git a/doc/functions/gnutls_x509_crq_sign2 b/doc/functions/gnutls_x509_crq_sign2
new file mode 100644
index 0000000..ee763ae
--- /dev/null
+++ b/doc/functions/gnutls_x509_crq_sign2
@@ -0,0 +1,33 @@
+
+
+
+
+@deftypefun {int} {gnutls_x509_crq_sign2} (gnutls_x509_crq_t @var{crq}, gnutls_x509_privkey_t @var{key}, gnutls_digest_algorithm_t @var{dig}, unsigned int @var{flags})
+@var{crq}: should contain a @code{gnutls_x509_crq_t}  type
+
+@var{key}: holds a private key
+
+@var{dig}: The message digest to use, i.e., @code{GNUTLS_DIG_SHA256} 
+
+@var{flags}: must be 0
+
+This function will sign the certificate request with a private key.
+This must be the same key as the one used in
+@code{gnutls_x509_crt_set_key()}  since a certificate request is self
+signed.
+
+This must be the last step in a certificate request generation
+since all the previously set parameters are now signed.
+
+A known limitation of this function is, that a newly-signed request will not
+be fully functional (e.g., for signature verification), until it
+is exported an re-imported.
+
+After GnuTLS 3.6.1 the value of  @code{dig} may be @code{GNUTLS_DIG_UNKNOWN} ,
+and in that case, a suitable but reasonable for the key algorithm will be selected.
+
+@strong{Returns:} @code{GNUTLS_E_SUCCESS}  on success, otherwise a negative error code.
+@code{GNUTLS_E_ASN1_VALUE_NOT_FOUND}  is returned if you didn't set all
+information in the certificate request (e.g., the version using
+@code{gnutls_x509_crq_set_version()} ).
+@end deftypefun