Difference between revisions of "HTTP Services"

From 3dbrew
Jump to navigation Jump to search
(→‎HTTP service "http:C": Fix wrong command Header)
 
(27 intermediate revisions by 4 users not shown)
Line 5: Line 5:
 
!  Command Header
 
!  Command Header
 
!  Available since system-version
 
!  Available since system-version
 +
!  Available from service-sessions
 
!  Description
 
!  Description
 
|-
 
|-
 
| 0x00010044
 
| 0x00010044
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:Initialize|Initialize]]
 
| [[HTTPC:Initialize|Initialize]]
 
|-
 
|-
 
| 0x00020082
 
| 0x00020082
|  
+
| [[1.0.0-0]]
 +
| Main-only
 
| [[HTTPC:CreateContext|CreateContext]]
 
| [[HTTPC:CreateContext|CreateContext]]
 
|-
 
|-
 
| 0x00030040
 
| 0x00030040
|  
+
| [[1.0.0-0]]
 +
| All
 
| [[HTTPC:CloseContext|CloseContext]]
 
| [[HTTPC:CloseContext|CloseContext]]
 
|-
 
|-
 
| 0x00040040
 
| 0x00040040
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:CancelConnection|CancelConnection]]
 
| [[HTTPC:CancelConnection|CancelConnection]]
 
|-
 
|-
 
| 0x00050040
 
| 0x00050040
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:GetRequestState|GetRequestState]]
 
| [[HTTPC:GetRequestState|GetRequestState]]
 
|-
 
|-
 
| 0x00060040
 
| 0x00060040
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:GetDownloadSizeState|GetDownloadSizeState]]
 
| [[HTTPC:GetDownloadSizeState|GetDownloadSizeState]]
 
|-
 
|-
 
| 0x00070040
 
| 0x00070040
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:GetRequestError|GetRequestError]]
 
| [[HTTPC:GetRequestError|GetRequestError]]
 
|-
 
|-
 
| 0x00080042
 
| 0x00080042
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:InitializeConnectionSession|InitializeConnectionSession]]
 
| [[HTTPC:InitializeConnectionSession|InitializeConnectionSession]]
 
|-
 
|-
 
| 0x00090040
 
| 0x00090040
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:BeginRequest|BeginRequest]]
 
| [[HTTPC:BeginRequest|BeginRequest]]
 
|-
 
|-
 
| 0x000A0040
 
| 0x000A0040
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:BeginRequestAsync|BeginRequestAsync]]
 
| [[HTTPC:BeginRequestAsync|BeginRequestAsync]]
 
|-
 
|-
 
| 0x000B0082
 
| 0x000B0082
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:ReceiveData|ReceiveData]]
 
| [[HTTPC:ReceiveData|ReceiveData]]
 
|-
 
|-
 
| 0x000C0102
 
| 0x000C0102
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:ReceiveDataTimeout|ReceiveDataTimeout]]
 
| [[HTTPC:ReceiveDataTimeout|ReceiveDataTimeout]]
 
|-
 
|-
 
| 0x000D0146
 
| 0x000D0146
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:SetProxy|SetProxy]]
 
| [[HTTPC:SetProxy|SetProxy]]
 
|-
 
|-
 
| 0x000E0040
 
| 0x000E0040
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:SetProxyDefault|SetProxyDefault]]
 
| [[HTTPC:SetProxyDefault|SetProxyDefault]]
 
|-
 
|-
 
| 0x000F00C4
 
| 0x000F00C4
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:SetBasicAuthorization|SetBasicAuthorization]]
 
| [[HTTPC:SetBasicAuthorization|SetBasicAuthorization]]
 
|-
 
|-
 
| 0x00100080
 
| 0x00100080
|  
+
| [[1.0.0-0]]
| SetSocketBufferSize
+
| Context-only
 +
| [[HTTPC:SetSocketBufferSize|SetSocketBufferSize]]
 
|-
 
|-
 
| 0x001100C4
 
| 0x001100C4
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:AddRequestHeader|AddRequestHeader]]
 
| [[HTTPC:AddRequestHeader|AddRequestHeader]]
 
|-
 
|-
 
| 0x001200C4
 
| 0x001200C4
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:AddPostDataAscii|AddPostDataAscii]]
 
| [[HTTPC:AddPostDataAscii|AddPostDataAscii]]
 
|-
 
|-
 
| 0x001300C4
 
| 0x001300C4
 +
| [[1.0.0-0]]
 
|  
 
|  
| AddPostDataBinary
+
| [[HTTPC:AddPostDataBinary|AddPostDataBinary]]
 
|-
 
|-
 
| 0x00140082
 
| 0x00140082
 +
| [[1.0.0-0]]
 
|  
 
|  
| AddPostDataRaw
+
| [[HTTPC:AddPostDataRaw|AddPostDataRaw]]
 
|-
 
|-
 
| 0x00150080
 
| 0x00150080
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| SetPostDataType(u8 enum)
 
| SetPostDataType(u8 enum)
 
|-
 
|-
 
| 0x001600C4
 
| 0x001600C4
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| SendPostDataAscii
 
| SendPostDataAscii
 
|-
 
|-
 
| 0x00170144
 
| 0x00170144
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| SendPostDataAsciiTimeout
 
| SendPostDataAsciiTimeout
 
|-
 
|-
 
| 0x001800C4
 
| 0x001800C4
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| SendPostDataBinary
 
| SendPostDataBinary
 
|-
 
|-
 
| 0x00190144
 
| 0x00190144
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| SendPostDataBinaryTimeout
 
| SendPostDataBinaryTimeout
 
|-
 
|-
 
| 0x001A0082
 
| 0x001A0082
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| SendPostDataRaw
 
| SendPostDataRaw
 
|-
 
|-
 
| 0x001B0102
 
| 0x001B0102
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:SendPOSTDataTimeout|SendPOSTDataRawTimeout]]
 
| [[HTTPC:SendPOSTDataTimeout|SendPOSTDataRawTimeout]]
 
|-
 
|-
 
| 0x001C0080
 
| 0x001C0080
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| SetPostDataEncoding
 
| SetPostDataEncoding
 
|-
 
|-
 
| 0x001D0040
 
| 0x001D0040
 +
| [[1.0.0-0]]
 
|  
 
|  
| NotifyFinishSendPostData
+
| [[HTTPC:NotifyFinishSendPostData|NotifyFinishSendPostData]]
 
|-
 
|-
 
| 0x001E00C4
 
| 0x001E00C4
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:GetResponseHeader|GetResponseHeader]]
 
| [[HTTPC:GetResponseHeader|GetResponseHeader]]
 
|-
 
|-
 
| 0x001F0144
 
| 0x001F0144
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:GetResponseHeaderTimeout|GetResponseHeaderTimeout]]
 
| [[HTTPC:GetResponseHeaderTimeout|GetResponseHeaderTimeout]]
 
|-
 
|-
 
| 0x00200082
 
| 0x00200082
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:GetResponseData|GetResponseData]]
 
| [[HTTPC:GetResponseData|GetResponseData]]
 
|-
 
|-
 
| 0x00210102
 
| 0x00210102
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| GetResponseDataTimeout
 
| GetResponseDataTimeout
 
|-
 
|-
 
| 0x00220040
 
| 0x00220040
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:GetResponseStatusCode|GetResponseStatusCode]]
 
| [[HTTPC:GetResponseStatusCode|GetResponseStatusCode]]
 
|-
 
|-
 
| 0x002300C0
 
| 0x002300C0
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:GetResponseStatusCodeTimeout|GetResponseStatusCodeTimeout]]
 
| [[HTTPC:GetResponseStatusCodeTimeout|GetResponseStatusCodeTimeout]]
 
|-
 
|-
 
| 0x00240082
 
| 0x00240082
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:AddTrustedRootCA|AddTrustedRootCA]]
 
| [[HTTPC:AddTrustedRootCA|AddTrustedRootCA]]
 
|-
 
|-
 
| 0x00250080
 
| 0x00250080
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:AddDefaultCert|AddDefaultCert]]
 
| [[HTTPC:AddDefaultCert|AddDefaultCert]]
 
|-
 
|-
 
| 0x00260080
 
| 0x00260080
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:SelectRootCertChain|SelectRootCertChain]]
 
| [[HTTPC:SelectRootCertChain|SelectRootCertChain]]
 
|-
 
|-
 
| 0x002700C4
 
| 0x002700C4
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| [[HTTPC:SetClientCert|SetClientCert]]
 
| [[HTTPC:SetClientCert|SetClientCert]]
 
|-
 
|-
 
| 0x00280080
 
| 0x00280080
|  
+
| [[1.0.0-0]]
| Somehow related to [[HTTPC:SetClientCert|SetClientCert]].
+
| Context-only
 +
| [[HTTPC:SetClientCertDefault|SetClientCertDefault]]
 
|-
 
|-
 
| 0x00290080
 
| 0x00290080
|  
+
| [[1.0.0-0]]
|  
+
| Context-only
 +
| [[HTTPC:SetClientCertContext|SetClientCertContext]]
 
|-
 
|-
 
| 0x002A0040
 
| 0x002A0040
|  
+
| [[1.0.0-0]]
| GetSSLError?
+
| All
 +
| (u32 contexthandle) GetSSLError? This loads a value from state, this doesn't seem to use any sslc command.
 
|-
 
|-
 
| 0x002B0080
 
| 0x002B0080
|  
+
| [[1.0.0-0]]
 +
| Context-only
 
| [[HTTPC:SetSSLOpt|SetSSLOpt]]
 
| [[HTTPC:SetSSLOpt|SetSSLOpt]]
 
|-
 
|-
 
| 0x002C0080
 
| 0x002C0080
|  
+
| [[1.0.0-0]]
 +
| Context-only
 
| [[HTTPC:SetSSLClearOpt|SetSSLClearOpt]]
 
| [[HTTPC:SetSSLClearOpt|SetSSLClearOpt]]
 
|-
 
|-
 
| 0x002D0000
 
| 0x002D0000
|  
+
| [[1.0.0-0]]
 +
| Main-only
 
| [[HTTPC:CreateRootCertChain|CreateRootCertChain]]
 
| [[HTTPC:CreateRootCertChain|CreateRootCertChain]]
 
|-
 
|-
 
| 0x002E0040
 
| 0x002E0040
|  
+
| [[1.0.0-0]]
 +
| Main-only
 
| [[HTTPC:DestroyRootCertChain|DestroyRootCertChain]]
 
| [[HTTPC:DestroyRootCertChain|DestroyRootCertChain]]
 
|-
 
|-
 
| 0x002F0082
 
| 0x002F0082
|  
+
| [[1.0.0-0]]
 +
| Main-only
 
| [[HTTPC:RootCertChainAddCert|RootCertChainAddCert]]
 
| [[HTTPC:RootCertChainAddCert|RootCertChainAddCert]]
 
|-
 
|-
 
| 0x00300080
 
| 0x00300080
|  
+
| [[1.0.0-0]]
 +
| Main-only
 
| [[HTTPC:RootCertChainAddDefaultCert|RootCertChainAddDefaultCert]]
 
| [[HTTPC:RootCertChainAddDefaultCert|RootCertChainAddDefaultCert]]
 
|-
 
|-
 
| 0x00310080
 
| 0x00310080
|  
+
| [[1.0.0-0]]
|  
+
| Main-only
 +
| [[HTTPC:RootCertChainRemoveCert|RootCertChainRemoveCert]]
 
|-
 
|-
 
| 0x00320084
 
| 0x00320084
|  
+
| [[1.0.0-0]]
|  
+
| Main-only
 +
| [[HTTPC:OpenClientCertContext|OpenClientCertContext]]
 
|-
 
|-
 
| 0x00330040
 
| 0x00330040
|  
+
| [[1.0.0-0]]
|  
+
| Main-only
 +
| [[HTTPC:OpenDefaultClientCertContext|OpenDefaultClientCertContext]]
 
|-
 
|-
 
| 0x00340040
 
| 0x00340040
|  
+
| [[1.0.0-0]]
|  
+
| Main-only
 +
| [[HTTPC:CloseClientCertContext|CloseClientCertContext]]
 
|-
 
|-
 
| 0x00350186
 
| 0x00350186
|  
+
| [[1.0.0-0]]
 +
| Main-only
 
| SetDefaultProxy
 
| SetDefaultProxy
 
|-
 
|-
 
| 0x00360000
 
| 0x00360000
 +
| [[1.0.0-0]]
 
|  
 
|  
 
| ClearDNSCache
 
| ClearDNSCache
 
|-
 
|-
 
| 0x00370080
 
| 0x00370080
 +
| [[2.0.0-2|2.0.0-X]]
 
|  
 
|  
 
| SetKeepAlive (bool)
 
| SetKeepAlive (bool)
 
|-
 
|-
 
| 0x003800C0
 
| 0x003800C0
| Unknown, >[[2.0.0-2|2.0.0-X]].
+
| [[3.0.0-5|3.0.0-X]].
 +
|
 
| SetPostDataTypeSize (u8 enum, u32 size) (similar to SetPostDataType)
 
| SetPostDataTypeSize (u8 enum, u32 size) (similar to SetPostDataType)
 
|-
 
|-
 
| 0x00390000
 
| 0x00390000
| Unknown, >[[2.0.0-2|2.0.0-X]].
+
| [[3.0.0-5|3.0.0-X]].
 +
|
 
| Finalize
 
| Finalize
 
|-
 
|-
| 0x003A....
+
| 0x003A0080
| Unknown, >[[2.0.0-2|2.0.0-X]].
+
| [[8.0.0-18|8.0.0-X]]
|
+
|  
 +
|SetKeepAlive?
 
|-
 
|-
 
| 0x003B0082
 
| 0x003B0082
| Unknown, >[[2.0.0-2|2.0.0-X]].
+
| [[9.0.0-20|9.0.0-X]]
|
+
|  
 +
|SetCrl
 
|-
 
|-
| 0x003C....
+
| 0x003C0080
| Unknown, >[[2.0.0-2|2.0.0-X]].
+
| [[9.0.0-20|9.0.0-X]]
|
+
|  
 +
|SetInternalCrl
 
|-
 
|-
| 0x003D....
+
| 0x003D0080
| Unknown, >[[2.0.0-2|2.0.0-X]].
+
| [[9.0.0-20|9.0.0-X]]
|
+
|  
 +
|SetCrlStore
 
|-
 
|-
| 0x003E....
+
| 0x003E0000
| Unknown, >[[2.0.0-2|2.0.0-X]].
+
| [[9.0.0-20|9.0.0-X]]
|
+
|  
 +
|CreateCrlStore
 
|-
 
|-
| 0x003F....
+
| 0x003F0040
| Unknown, >[[2.0.0-2|2.0.0-X]].
+
| [[9.0.0-20|9.0.0-X]]
|
+
|  
 +
|DestroyCrlStore
 
|-
 
|-
 
| 0x00400082
 
| 0x00400082
| Unknown, >[[2.0.0-2|2.0.0-X]].
+
| [[9.0.0-20|9.0.0-X]]
|
+
|  
 +
|AddCrlToCrlStore
 
|-
 
|-
| 0x0041....
+
| 0x00410080
| Unknown, >[[2.0.0-2|2.0.0-X]].
+
| [[9.0.0-20|9.0.0-X]]
|
+
|  
 +
|AddInternalCrl
 
|-
 
|-
| 0x0042....
+
| 0x00420040
| Unknown, >[[2.0.0-2|2.0.0-X]].
+
| [[9.0.0-20|9.0.0-X]]
|
+
|  
 +
|RemoveCrlFromCrlStore
 
|}
 
|}
  
Line 275: Line 342:
 
Initially a HTTP context will not trust ''any'' root-CAs at all. Which root-CAs to trust must be ''explicitly'' specified via the add-root-CA service command(s).
 
Initially a HTTP context will not trust ''any'' root-CAs at all. Which root-CAs to trust must be ''explicitly'' specified via the add-root-CA service command(s).
  
RootCertChains can be used to easily select a particular chain of trusted root-CAs with multiple HTTP contexts, without having to re-send each of the root-CA commands for each HTTP context. The maximum number of RootCertChains that can exist for a HTTPC service session handle, is only 1.
+
RootCertChains can be used to easily select a particular chain of trusted root-CAs with multiple HTTP contexts, without having to re-send each of the root-CA commands for each HTTP context. The maximum number of RootCertChains that can exist for an user-process, is only 2.
 +
 
 +
When using the context-specific RootCA commands such as [[HTTPC:AddTrustedRootCA]] where [[HTTPC:SelectRootCertChain]] was already used, the cert will just be added to the selected RootCertChain.
 +
 
 +
=ClientCert Contexts=
 +
These are basically the same as RootCertChains except for TLS client cert+privk. The maximum number of ClientCert-contexts that can exist for an user-process, is only 2.
  
 
= Error codes =
 
= Error codes =
Line 284: Line 356:
 
|-
 
|-
 
| 0xd8a0a03c
 
| 0xd8a0a03c
| The HTTPS server's TLS certificate is signed by an unknown/not-trusted root CA.
+
| Failed to verify the HTTPS server's TLS certificate.
 
|-
 
|-
 
| 0xd8a0a046
 
| 0xd8a0a046
| This is returned by [[HTTPC:Initialize]] when no network connection is available(or at least when wifi is disabled via Home Menu on New3DS).
+
| This is returned by [[HTTPC:Initialize]] when no network connection is available(or at least when wifi is disabled via Home Menu on New3DS). Seems to be caused by DNS lookup failure([[SOCU:getaddrinfo]] returning an error).
 +
|-
 +
| 0xd8a0a049
 +
| Seems to be caused by a socket connect() timeout error?
 
|-
 
|-
 
| 0xd8a0a066
 
| 0xd8a0a066
 
| This indicates that the context handle is wrong.
 
| This indicates that the context handle is wrong.
 +
|-
 +
| 0xd820a069
 +
| This is returned when the call times out (with any call with a timeout arg)
 
|}
 
|}

Latest revision as of 18:24, 3 June 2017

HTTP service "http:C"[edit]

Command Header Available since system-version Available from service-sessions Description
0x00010044 1.0.0-0 Initialize
0x00020082 1.0.0-0 Main-only CreateContext
0x00030040 1.0.0-0 All CloseContext
0x00040040 1.0.0-0 CancelConnection
0x00050040 1.0.0-0 GetRequestState
0x00060040 1.0.0-0 GetDownloadSizeState
0x00070040 1.0.0-0 GetRequestError
0x00080042 1.0.0-0 InitializeConnectionSession
0x00090040 1.0.0-0 BeginRequest
0x000A0040 1.0.0-0 BeginRequestAsync
0x000B0082 1.0.0-0 ReceiveData
0x000C0102 1.0.0-0 ReceiveDataTimeout
0x000D0146 1.0.0-0 SetProxy
0x000E0040 1.0.0-0 SetProxyDefault
0x000F00C4 1.0.0-0 SetBasicAuthorization
0x00100080 1.0.0-0 Context-only SetSocketBufferSize
0x001100C4 1.0.0-0 AddRequestHeader
0x001200C4 1.0.0-0 AddPostDataAscii
0x001300C4 1.0.0-0 AddPostDataBinary
0x00140082 1.0.0-0 AddPostDataRaw
0x00150080 1.0.0-0 SetPostDataType(u8 enum)
0x001600C4 1.0.0-0 SendPostDataAscii
0x00170144 1.0.0-0 SendPostDataAsciiTimeout
0x001800C4 1.0.0-0 SendPostDataBinary
0x00190144 1.0.0-0 SendPostDataBinaryTimeout
0x001A0082 1.0.0-0 SendPostDataRaw
0x001B0102 1.0.0-0 SendPOSTDataRawTimeout
0x001C0080 1.0.0-0 SetPostDataEncoding
0x001D0040 1.0.0-0 NotifyFinishSendPostData
0x001E00C4 1.0.0-0 GetResponseHeader
0x001F0144 1.0.0-0 GetResponseHeaderTimeout
0x00200082 1.0.0-0 GetResponseData
0x00210102 1.0.0-0 GetResponseDataTimeout
0x00220040 1.0.0-0 GetResponseStatusCode
0x002300C0 1.0.0-0 GetResponseStatusCodeTimeout
0x00240082 1.0.0-0 AddTrustedRootCA
0x00250080 1.0.0-0 AddDefaultCert
0x00260080 1.0.0-0 SelectRootCertChain
0x002700C4 1.0.0-0 SetClientCert
0x00280080 1.0.0-0 Context-only SetClientCertDefault
0x00290080 1.0.0-0 Context-only SetClientCertContext
0x002A0040 1.0.0-0 All (u32 contexthandle) GetSSLError? This loads a value from state, this doesn't seem to use any sslc command.
0x002B0080 1.0.0-0 Context-only SetSSLOpt
0x002C0080 1.0.0-0 Context-only SetSSLClearOpt
0x002D0000 1.0.0-0 Main-only CreateRootCertChain
0x002E0040 1.0.0-0 Main-only DestroyRootCertChain
0x002F0082 1.0.0-0 Main-only RootCertChainAddCert
0x00300080 1.0.0-0 Main-only RootCertChainAddDefaultCert
0x00310080 1.0.0-0 Main-only RootCertChainRemoveCert
0x00320084 1.0.0-0 Main-only OpenClientCertContext
0x00330040 1.0.0-0 Main-only OpenDefaultClientCertContext
0x00340040 1.0.0-0 Main-only CloseClientCertContext
0x00350186 1.0.0-0 Main-only SetDefaultProxy
0x00360000 1.0.0-0 ClearDNSCache
0x00370080 2.0.0-X SetKeepAlive (bool)
0x003800C0 3.0.0-X. SetPostDataTypeSize (u8 enum, u32 size) (similar to SetPostDataType)
0x00390000 3.0.0-X. Finalize
0x003A0080 8.0.0-X SetKeepAlive?
0x003B0082 9.0.0-X SetCrl
0x003C0080 9.0.0-X SetInternalCrl
0x003D0080 9.0.0-X SetCrlStore
0x003E0000 9.0.0-X CreateCrlStore
0x003F0040 9.0.0-X DestroyCrlStore
0x00400082 9.0.0-X AddCrlToCrlStore
0x00410080 9.0.0-X AddInternalCrl
0x00420040 9.0.0-X RemoveCrlFromCrlStore

TLS Root CAs[edit]

Initially a HTTP context will not trust any root-CAs at all. Which root-CAs to trust must be explicitly specified via the add-root-CA service command(s).

RootCertChains can be used to easily select a particular chain of trusted root-CAs with multiple HTTP contexts, without having to re-send each of the root-CA commands for each HTTP context. The maximum number of RootCertChains that can exist for an user-process, is only 2.

When using the context-specific RootCA commands such as HTTPC:AddTrustedRootCA where HTTPC:SelectRootCertChain was already used, the cert will just be added to the selected RootCertChain.

ClientCert Contexts[edit]

These are basically the same as RootCertChains except for TLS client cert+privk. The maximum number of ClientCert-contexts that can exist for an user-process, is only 2.

Error codes[edit]

Error code Description
0xd8a0a03c Failed to verify the HTTPS server's TLS certificate.
0xd8a0a046 This is returned by HTTPC:Initialize when no network connection is available(or at least when wifi is disabled via Home Menu on New3DS). Seems to be caused by DNS lookup failure(SOCU:getaddrinfo returning an error).
0xd8a0a049 Seems to be caused by a socket connect() timeout error?
0xd8a0a066 This indicates that the context handle is wrong.
0xd820a069 This is returned when the call times out (with any call with a timeout arg)