SSL_get_peer_certificate 3 2005-04-23 0.9.9-dev OpenSSL

NAME

SSL_get_peer_certificate - get the X509 certificate of the peer

LIBRARY

libcrypto, -lcrypto

SYNOPSIS


 #include 


 X509 *SSL_get_peer_certificate(const SSL *ssl);

DESCRIPTION

_S_S_L___g_e_t___p_e_e_r___c_e_r_t_i_f_i_c_a_t_e_(_) returns a pointer to the X509 certificate the peer presented. If the peer did not present a certificate, NULL is returned.

NOTES

Due to the protocol definition, a TLS/SSL server will always send a certificate, if present. A client will only send a certificate when explicitly requested to do so by the server (see _S_S_L___C_T_X___s_e_t___v_e_r_i_f_y(3)). If an anonymous cipher is used, no certificates are sent.

That a certificate is returned does not indicate information about the verification state, use _S_S_L___g_e_t___v_e_r_i_f_y___r_e_s_u_l_t(3) to check the verification state.

The reference count of the X509 object is incremented by one, so that it will not be destroyed when the session containing the peer certificate is freed. The X509 object must be explicitly freed using _X_5_0_9___f_r_e_e_(_).

RETURN VALUES

The following return values can occur:
NULL No certificate was presented by the peer or no connection was established.
Pointer to an X509 certificate The return value points to the certificate presented by the peer.

SEE ALSO

_s_s_l(3), _S_S_L___g_e_t___v_e_r_i_f_y___r_e_s_u_l_t(3), _S_S_L___C_T_X___s_e_t___v_e_r_i_f_y(3)