SSL_GET_PEER_CERTIFICATE(3) OpenSSL SSL_GET_PEER_CERTIFICATE(3)
SSL_get_peer_certificate - get the X509 certificate of the
peer
#include <openssl/ssl.h>
X509 *SSL_get_peer_certificate(const SSL *ssl);
SSL_get_peer_certificate() returns a pointer to the X509
certificate the peer presented. If the peer did not present
a certificate, NULL is returned.
Due to the protocol definition, a TLS/SSL server will always
send a certificate, if present. A client will only send a
certificate when explicitly requested to do so by the server
(see SSL_CTX_set_verify(3)). If an anonymous cipher is used,
no certificates are sent.
That a certificate is returned does not indicate information
about the verification state, use SSL_get_verify_result(3)
to check the verification state.
The reference count of the X509 object is incremented by
one, so that it will not be destroyed when the session con-
taining the peer certificate is freed. The X509 object must
be explicitly freed using X509_free().
The following return values can occur:
NULL
No certificate was presented by the peer or no connec-
tion was established.
Pointer to an X509 certificate
The return value points to the certificate presented by
the peer.
ssl(3), SSL_get_verify_result(3), SSL_CTX_set_verify(3)
MirOS BSD #10-current 2005-04-29 1
Generated on 2012-02-20 02:47:02 by $MirOS: src/scripts/roff2htm,v 1.70 2011/12/03 18:21:12 tg Exp $
These manual pages and other documentation are copyrighted by their respective writers;
their source is available at our CVSweb,
AnonCVS, and other mirrors. The rest is Copyright © 2002‒2011 The MirOS Project, Germany.
This product includes material
provided by Thorsten Glaser.
This manual page’s HTML representation is supposed to be valid XHTML/1.1; if not, please send a bug report – diffs preferred.