freebsd-nq/crypto/openssl/doc/ssl/SSL_get_peer_cert_chain.pod

53 lines
1.3 KiB
Plaintext
Raw Normal View History

2000-11-13 01:03:58 +00:00
=pod
=head1 NAME
SSL_get_peer_cert_chain - get the X509 certificate chain of the peer
=head1 SYNOPSIS
#include <openssl/ssl.h>
STACK_OF(X509) *SSL_get_peer_cert_chain(const SSL *ssl);
2000-11-13 01:03:58 +00:00
=head1 DESCRIPTION
SSL_get_peer_cert_chain() returns a pointer to STACK_OF(X509) certificates
2000-11-13 01:03:58 +00:00
forming the certificate chain of the peer. If called on the client side,
the stack also contains the peer's certificate; if called on the server
2001-05-20 03:07:21 +00:00
side, the peer's certificate must be obtained separately using
2000-11-13 01:03:58 +00:00
L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>.
If the peer did not present a certificate, NULL is returned.
=head1 NOTES
The peer certificate chain is not necessarily available after reusing
a session, in which case a NULL pointer is returned.
The reference count of the STACK_OF(X509) object is not incremented.
2000-11-13 01:03:58 +00:00
If the corresponding session is freed, the pointer must not be used
any longer.
=head1 RETURN VALUES
The following return values can occur:
=over 4
=item NULL
No certificate was presented by the peer or no connection was established
or the certificate chain is no longer available when a session is reused.
=item Pointer to a STACK_OF(X509)
2000-11-13 01:03:58 +00:00
The return value points to the certificate chain presented by the peer.
=back
=head1 SEE ALSO
L<ssl(3)|ssl(3)>, L<SSL_get_peer_certificate(3)|SSL_get_peer_certificate(3)>
=cut