Provided by: libupsclient-dev_2.8.3-2_amd64 bug

NAME
       upscli_init - Initialize upsclient module specifying security properties.


SYNOPSIS
               #include <upsclient.h>

               int upscli_init(
                       int certverify,
                       const char *certpath,
                       const char *certname,
                       const char *certpasswd);


DESCRIPTION
       The upscli_init() function initializes upsclient module and sets many TLS/SSL-related properties:
       certverify to 1 makes certificate verification required for all SSL connections and certpath is the
       location of certificate database.

       •   If compiled with OpenSSL, certpath refers to directory containing certificates where the certificates
           must be named according to their hash values ending in a ".0" extension. If two certificates result
           in the same hash value (thus file name), the ".0" can be incremented to ".1" and so on, as needed.
           The shell command for creating links in this manner would be:

               :; ln -s ca.pem ./$(openssl x509 -hash -noout -in ca.pem).0

           Alternatively, the c_rehash utility (provided by e.g.  openssl-perl package) can take a directory and
           iterate it to link all certificates found in that directory, in the manner described above.

       •   If compiled with NSS, certpath refers to a directory containing its database files.

       If compiled with NSS and using SSL, you can specify certname with the name of the certificate to send to
       upsd, and certpasswd with the password used to decrypt certificate private key.

       If compiled with NSS, it would normally log either the infamous message "Init SSL without certificate
       database" if no certpath was provided, or "Init SSL with certificate database located at %s" otherwise.
       Since some programmatic consumers become confused by such extra text on the stderr of tools they call
       (such as monitoring systems doing upsc queries), you can export an environment variable
       NUT_QUIET_INIT_SSL with string values "true", "TRUE" or "1", to avoid logging these messages and just
       emit them as debug stream (at verbosity 1 or higher).

       As part of general initialization, upscli_init() function can call the
       upscli_init_default_connect_timeout(3) method (if it was never used before): this allows unmodified
       (legacy) NUT clients to consistently benefit from presence of the NUT_DEFAULT_CONNECT_TIMEOUT environment
       variable for upscli_connect(3) attempts to be not blocking (as per default).

       You can call upscli_add_host_cert(3) to register specific host security policy before initialize
       connections to them.

       You must call upscli_cleanup(3) when exiting application.


RETURN VALUE
       The upscli_init() function returns 1 on success, or -1 if an error occurs.


SEE ALSO
       upscli_add_host_cert(3), upscli_cleanup(3), upscli_connect(3), upscli_disconnect(3),
       upscli_init_default_connect_timeout(3), upscli_fd(3), upscli_splitaddr(3), upscli_splitname(3),
       upscli_ssl(3), upscli_strerror(3), upscli_upserror(3)

Network UPS Tools 2.8.3                            07/08/2025                                     UPSCLI_INIT(3)