- NetBSD Manual Pages
SSL_get_peer_certificate(3) OpenSSL SSL_get_peer_certificate(3)
Powered by man-cgi (2021-06-01).
Maintained for NetBSD
by Kimmo Suominen.
Based on man-cgi by Panagiotis Christias.
SSL_get_peer_certificate - get the X509 certificate of the peer
X509 *SSL_get_peer_certificate(const SSL *ssl);
SSL_get_peer_certificate() returns a pointer to the X509 certificate
the peer presented. If the peer did not present a certificate, NULL is
Due to the protocol definition, a TLS/SSL server will always send a
certificate, if present. A client will only send a certificate when
explicitly requested to do so by the server (see SSL_CTX_set_ver-
ify(3)). If an anonymous cipher is used, no certificates are sent.
That a certificate is returned does not indicate information about the
verification state, use SSL_get_verify_result(3) to check the verifica-
The reference count of the X509 object is incremented by one, so that
it will not be destroyed when the session containing the peer certifi-
cate is freed. The X509 object must be explicitly freed using
The following return values can occur:
No certificate was presented by the peer or no connection was
Pointer to an X509 certificate
The return value points to the certificate presented by the peer.
ssl(3), SSL_get_verify_result(3), SSL_CTX_set_verify(3)
0.9.8e 2005-04-23 SSL_get_peer_certificate(3)