]>
Commit | Line | Data |
---|---|---|
4759abc5 RL |
1 | =pod |
2 | ||
3 | =head1 NAME | |
4 | ||
5 | SSL_get_peer_certificate - get the X509 certificate of the peer | |
6 | ||
7 | =head1 SYNOPSIS | |
8 | ||
9 | #include <openssl/ssl.h> | |
10 | ||
c3e64028 | 11 | X509 *SSL_get_peer_certificate(const SSL *ssl); |
4759abc5 RL |
12 | |
13 | =head1 DESCRIPTION | |
14 | ||
15 | SSL_get_peer_certificate() returns a pointer to the X509 certificate the | |
16 | peer presented. If the peer did not present a certificate, NULL is returned. | |
17 | ||
18 | =head1 NOTES | |
19 | ||
19732245 LJ |
20 | Due to the protocol definition, a TLS/SSL server will always send a |
21 | certificate, if present. A client will only send a certificate when | |
3b80e3aa | 22 | explicitly requested to do so by the server (see |
9b86974e | 23 | L<SSL_CTX_set_verify(3)>). If an anonymous cipher |
19732245 LJ |
24 | is used, no certificates are sent. |
25 | ||
4759abc5 | 26 | That a certificate is returned does not indicate information about the |
9b86974e | 27 | verification state, use L<SSL_get_verify_result(3)> |
4759abc5 RL |
28 | to check the verification state. |
29 | ||
30 | The reference count of the X509 object is incremented by one, so that it | |
31 | will not be destroyed when the session containing the peer certificate is | |
52d160d8 | 32 | freed. The X509 object must be explicitly freed using X509_free(). |
4759abc5 RL |
33 | |
34 | =head1 RETURN VALUES | |
35 | ||
36 | The following return values can occur: | |
37 | ||
38 | =over 4 | |
39 | ||
40 | =item NULL | |
41 | ||
42 | No certificate was presented by the peer or no connection was established. | |
43 | ||
44 | =item Pointer to an X509 certificate | |
45 | ||
46 | The return value points to the certificate presented by the peer. | |
47 | ||
48 | =back | |
49 | ||
50 | =head1 SEE ALSO | |
51 | ||
b97fdb57 | 52 | L<ssl(7)>, L<SSL_get_verify_result(3)>, |
9b86974e | 53 | L<SSL_CTX_set_verify(3)> |
4759abc5 | 54 | |
e2f92610 RS |
55 | =head1 COPYRIGHT |
56 | ||
57 | Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved. | |
58 | ||
4746f25a | 59 | Licensed under the Apache License 2.0 (the "License"). You may not use |
e2f92610 RS |
60 | this file except in compliance with the License. You can obtain a copy |
61 | in the file LICENSE in the source distribution or at | |
62 | L<https://www.openssl.org/source/license.html>. | |
63 | ||
64 | =cut |