SSL_get_peer_certificate 3 2005-04-23 0.9.9-dev OpenSSL
NAME
SSL_get_peer_certificate - get the X509 certificate of the peer
LIBRARY
libcrypto, -lcrypto
SYNOPSIS
#include
X509 *SSL_get_peer_certificate(const SSL *ssl);
DESCRIPTION
_S_S_L___g_e_t___p_e_e_r___c_e_r_t_i_f_i_c_a_t_e_(_) returns a pointer to the X509 certificate the
peer presented. If the peer did not present a certificate, NULL is returned.
NOTES
Due to the protocol definition, a TLS/SSL server will always send a
certificate, if present. A client will only send a certificate when
explicitly requested to do so by the server (see
_S_S_L___C_T_X___s_e_t___v_e_r_i_f_y(3)). If an anonymous cipher
is used, no certificates are sent.
That a certificate is returned does not indicate information about the
verification state, use _S_S_L___g_e_t___v_e_r_i_f_y___r_e_s_u_l_t(3)
to check the verification state.
The reference count of the X509 object is incremented by one, so that it
will not be destroyed when the session containing the peer certificate is
freed. The X509 object must be explicitly freed using _X_5_0_9___f_r_e_e_(_).
RETURN VALUES
The following return values can occur:
-
NULL
No certificate was presented by the peer or no connection was established.
-
-
Pointer to an X509 certificate
The return value points to the certificate presented by the peer.
-
SEE ALSO
_s_s_l(3), _S_S_L___g_e_t___v_e_r_i_f_y___r_e_s_u_l_t(3),
_S_S_L___C_T_X___s_e_t___v_e_r_i_f_y(3)