#include <ts/ts.h>
TSReturnCode TSSslClientContextsNamesGet(int n, const char **result, int *actual)
TSSslContext TSSslClientContextFindByName(const char *ca_paths, const char *ck_paths)


These functions are used to explore the client contexts that Traffic Server uses to connect to upstreams.

TSSslClientContextsNamesGet() can be used to retrieve the entire client context mappings. Note that in Traffic Server, client contexts are stored in a 2-level mapping with ca paths and cert/key paths as keys. Hence every 2 null-terminated string in result can be used to lookup one context. result points to an user allocated array that will hold pointers to lookup key strings and n is the size for result array. actual, if valid, will be filled with actual number of lookup keys (2 for each context).

TSSslClientContextFindByName() can be used to retrieve the client context pointed by the lookup key pairs. User should call TSSslClientContextsNamesGet() first to determine which lookup keys are present before querying for the context. ca_paths should be the first key and ck_paths should be the second. This function returns NULL if the client context mapping are changed and no valid context exists for the key pair. The caller is responsible for releasing the context returned by this function with TSSslContextDestroy().


The example below is excerpted from example/plugins/c-api/client_context_dump/client_context_dump.cc in the Traffic Server source distribution. It demonstrates how to use TSSslClientContextsNamesGet() and TSSslClientContextFindByName() to retrieve all contexts.

  if (tag.substr(0, PLUGIN_PREFIX.size()) == PLUGIN_PREFIX) {
    // Grab all keys by API and dump to log file according to arg passed in
    int count = 0;
    TSSslClientContextsNamesGet(0, nullptr, &count);
    if (count > 0) {
      char const **results = static_cast<char const **>(malloc(sizeof(const char *) * count));
      TSSslClientContextsNamesGet(count, results, nullptr);
      for (int i = 0; i < count; i += 2) {
        dump_context(results[i], results[i + 1]);
dump_context(const char *ca_path, const char *ck_path)
  TSSslContext ctx = TSSslClientContextFindByName(ca_path, ck_path);
  if (ctx) {