chickadee » openssl » ssl-listen*

(ssl-listen* #!key (hostname <string>) ((port <exact>) 0) ((backlog <exact>) 4) ((protocol <symbol>) 'tlsv12) ((cipher-list <any>) "DEFAULT") (certificate <string|blob>) (private-key <string|blob>) ((private-key-type <symbol>) 'rsa) (private-key-asn1? <bool>) (certificate-authorities <string>) (certificate-authority-directory <string>) ((verify? <bool>) #f)) => <ssl-listener> [procedure]

Convenience constructor for an SSL listener that uses keyword arguments to convey initialization information. Uses sensible defaults for the protocol configuration.

The hostname argument determines the local network interface to listen on and defaults to the wildcard address. The port argument determines the local network port to listen on and defaults to a randomly selected port. The protocol can be any of the choices available for ssl-listen, but it defaults to the modern 'tlsv12. You can customize the list of allowed cipher suites using the cipher-list argument, which is passed to ssl-set-cipher-list!. A server certificate and associated private key can be loaded using the certificate and private-key arguments, which may be strings representing file paths or blobs containing the data itself; see ssl-load-certificate-chain! and ssl-load-private-key! for details. The verification of client certificates may be enabled or disabled (the default) using verify?; the set of trusted CA certificates can be specified by certificate-authorities and certificate-authority-directory, which are passed to ssl-load-verify-root-certificates!.
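
The following is an added example, not part of the egg's documentation: a listener that overrides the permissive defaults described above (wildcard address, "DEFAULT" cipher list, no client verification). The file names, port number and cipher string are assumptions chosen for illustration.

```scheme
;; Added example: all paths, the port and the cipher string are placeholders.
(import openssl (chicken io))

(define listener
  (ssl-listen*
    hostname: "127.0.0.1"            ; bind to loopback, not the wildcard default
    port: 8443                       ; fixed port instead of a randomly selected one
    protocol: 'tlsv12
    ;; Restrict the suites instead of accepting OpenSSL's "DEFAULT" set.
    cipher-list: "ECDHE+AESGCM:ECDHE+CHACHA20:!aNULL:!MD5"
    certificate: "server-cert.pem"   ; placeholder path to the server chain
    private-key: "server-key.pem"    ; placeholder path to the matching key
    private-key-type: 'rsa
    ;; CA bundle used to validate client certificates (placeholder path).
    certificate-authorities: "client-ca.pem"
    verify?: #t))                    ; default is #f: clients are not verified

;; Accept one connection and answer only a verified client.
;; The peer's verification status is checked explicitly with
;; ssl-peer-verified? instead of assuming that verify?: #t alone
;; rejects every client that lacks a trusted certificate.
(define (serve-one listener)
  (let-values (((in out) (ssl-accept listener)))
    (if (ssl-peer-verified? in)
        (write-line (string-append "hello, " (ssl-peer-subject-name in)) out)
        (write-line "client certificate required" out))
    (close-output-port out)
    (close-input-port in)))

(serve-one listener)
(ssl-close listener)
```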