You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
55 lines
1.4 KiB
55 lines
1.4 KiB
=pod |
|
|
|
=head1 NAME |
|
|
|
SSL_get_peer_certificate - get the X509 certificate of the peer |
|
|
|
=head1 SYNOPSIS |
|
|
|
#include <openssl/ssl.h> |
|
|
|
X509 *SSL_get_peer_certificate(const SSL *ssl); |
|
|
|
=head1 DESCRIPTION |
|
|
|
SSL_get_peer_certificate() returns a pointer to the X509 certificate the |
|
peer presented. If the peer did not present a certificate, NULL is returned. |
|
|
|
=head1 NOTES |
|
|
|
Due to the protocol definition, a TLS/SSL server will always send a |
|
certificate, if present. A client will only send a certificate when |
|
explicitly requested to do so by the server (see |
|
L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>). If an anonymous cipher |
|
is used, no certificates are sent. |
|
|
|
That a certificate is returned does not indicate information about the |
|
verification state, use L<SSL_get_verify_result(3)|SSL_get_verify_result(3)> |
|
to check the verification state. |
|
|
|
The reference count of the X509 object is incremented by one, so that it |
|
will not be destroyed when the session containing the peer certificate is |
|
freed. The X509 object must be explicitly freed using X509_free(). |
|
|
|
=head1 RETURN VALUES |
|
|
|
The following return values can occur: |
|
|
|
=over 4 |
|
|
|
=item NULL |
|
|
|
No certificate was presented by the peer or no connection was established. |
|
|
|
=item Pointer to an X509 certificate |
|
|
|
The return value points to the certificate presented by the peer. |
|
|
|
=back |
|
|
|
=head1 SEE ALSO |
|
|
|
L<ssl(3)|ssl(3)>, L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>, |
|
L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)> |
|
|
|
=cut
|
|
|