Scieneer Common Lisp 1.3.9 online documentation

ssl:make-ssl-client-stream fd &key element-type external-format buffering timeout expiration certificate key verify-mode verify-depth ciphers options ssl-context [Function]

Make a new SSL client stream on the given socket fd, returning the new stream upon success, and signaling an appropriate error upon failure. The socket fd is not closed upon a failure, and the caller is expected to ensure the socket is closed if necessary.

:element-type
    Indicates the element type to use. Only the character and '(unsigned-byte 8) types are supported.
:external-format
    For a character stream this is the external character format to use. The default value is :default, for which the value of ext:*default-external-format* is used.
:buffering
    Indicates the kind of output buffer flushing to use, which may be one of: :none, :line, or the default :full. Line buffering is only applicable to character streams.
:timeout
    The number of seconds to wait for an input or output operation. If false, which is the default, then wait forever. When a timeout occurs the sys:io-timeout condition is signaled.
:expiration
    The number of seconds before the stream expires. If false, which is the default, then the stream does not expire. When the stream expires the sys:io-timeout condition is signaled until the expiration time is reset.
:ssl-context
    The SSL context in which the stream will be created. If not supplied then ssl:*default-ssl-context* is used, and a default context is created if necessary. See also: ssl:make-ssl-context and ssl:initialize-ssl-context.

The following SSL options are accepted and override the global SSL context defaults:

:certificate
    The certificate file to use, in PEM format.
:key
    The key file to use. If the key is password protected then the password must have been specified in the SSL global context, see ssl:initialize-ssl-context. If the key file is nil then the certificate file is used.
:verify-mode
    One of the following:
        The server certificate, if any, is checked but the connection handshake will proceed regardless of the result of the server certificate verification. The verification result may be checked with ssl:ssl-stream-verify-result.
        The server certificate, if any, is checked and the handshake is terminated immediately upon a verification failure. A server certificate is not required.
        The server certificate is required and is checked and the handshake is terminated immediately upon a verification failure.
:verify-depth
    The limit up to which depth certificates in a chain are used during the verification procedure. Certificates above the limit are ignored.
:ciphers
    A colon separated list of the restricted set of ciphers to use.
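
An added example, not part of the Scieneer documentation: because the socket fd is left open when ssl:make-ssl-client-stream signals an error, a caller can wrap the call so the descriptor is released on any failed handshake or timeout. It assumes ext:connect-to-inet-socket and ext:close-socket are available as the socket calls; open-tls-client is a hypothetical helper name.

```lisp
;; Added example. Assumptions: ext:connect-to-inet-socket and
;; ext:close-socket are the socket open/close calls in this
;; implementation; open-tls-client is a hypothetical helper.
(defun open-tls-client (host port verify-mode &key (timeout 30) ciphers)
  "Connect to HOST:PORT and return a binary SSL client stream.
VERIFY-MODE is passed through unchanged, so the caller chooses one of
the verification modes described above. CIPHERS, when supplied, is a
colon separated cipher list. The socket is closed if stream creation
signals an error, including sys:io-timeout."
  (let ((fd (ext:connect-to-inet-socket host port))
        (stream nil))
    (unwind-protect
         (setf stream
               (apply #'ssl:make-ssl-client-stream fd
                      :element-type '(unsigned-byte 8)
                      :timeout timeout
                      :verify-mode verify-mode
                      ;; Only override the context's cipher list when
                      ;; the caller supplied one.
                      (when ciphers (list :ciphers ciphers))))
      ;; STREAM is still nil here only when make-ssl-client-stream did
      ;; not return, which is the case where the fd stays open.
      (unless stream
        (ext:close-socket fd)))
    stream))
```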