Initialize or reinitialize a SSL context. The SSL context provides the location of the trusted CA certificates and the key password, and may also provide default values for later operations. A default context will be automatically allocated when needed and does not need to be explicitly initialized unless the trusted CA certificates, or the key password, need to be specified.

:ssl-context

The SSL context to initialize. The ssl:*default-ssl-context* is used if not supplied, and a default context is created if necessary. See also: ssl:make-ssl-context, and ssl:initialize-ssl-context.

:certificate

The certificate file to use, in PEM format.

:key

The key file to use, and the password if applicable. If the key file is nil then the certificate file is used.

:password

The global password to use for password protected keys. Only a single global password can be specified. If a password is not supplied then it will be prompted for if needed and then stored.

:verify-mode

One of :none, :request, or :require. This affects both the client and server mode, see ssl:make-ssl-server-stream and ssl:make-ssl-client-stream respectively for more information. The default is :none which may be suitable for a server but probably not for a client.

:verify-depth

The limit up to which depth certificates in a chain are used during the verification procedure. Certificates above the limit are ignored. The default depth is one.

:ciphers

A colon separated list of the restricted set of ciphers to use.

:cafile

A file with the trusted CA certificates used for verification purposes.

:capath

The path to the trusted CA certificates directory.

:dh-params

A DH parameters file. If a file is not supplied then internal hard coded parameters are used.