SSL_GET_PEER_CERT_CHA... BSD Library Functions Manual SSL_GET_PEER_CERT_CHA...NAMESSL_get_peer_cert_chain — get the X509 certificate chain of the peer
SYNOPSIS
#include <openssl/ssl.h>
STACK_OF(X509) *
SSL_get_peer_cert_chain(const SSL *ssl);
DESCRIPTIONSSL_get_peer_cert_chain() returns a pointer to STACK_OF(X509) certifi‐
cates forming the certificate chain of the peer. If called on the client
side, the stack also contains the peer's certificate; if called on the
server side, the peer's certificate must be obtained separately using
SSL_get_peer_certificate(3). If the peer did not present a certificate,
NULL is returned.
NOTES
The peer certificate chain is not necessarily available after reusing a
session, in which case a NULL pointer is returned.
The reference count of the STACK_OF(X509) object is not incremented. If
the corresponding session is freed, the pointer must not be used any
longer.
RETURN VALUES
The following return values can occur:
NULL No certificate was presented by the peer or no connection was
established or the certificate chain is no longer available when
a session is reused.
Pointer to a STACK_OF(X509)
The return value points to the certificate chain presented by the
peer.
SEE ALSOssl(3), SSL_get_peer_certificate(3)BSD April 28, 2024 BSD