NAME    [Toc]    [Back]

       SSL_get_peer_certificate - Get the X509 certificate of the
       peer

SYNOPSIS    [Toc]    [Back]

        #include <openssl/ssl.h>

       X509 *SSL_get_peer_certificate(
               SSL *ssl );

DESCRIPTION    [Toc]    [Back]

       The SSL_get_peer_certificate() function returns a  pointer
       to  the  X509  certificate the peer presented. If the peer
       did not present a certificate, NULL is returned.

NOTES    [Toc]    [Back]

       Due to the protocol  definition,  a  TLS/SSL  server  will
       always  send a certificate, if present. A client will only
       send a certificate when explicitly requested to do  so  by
       the  server.  (See SSL_CTX_set_verify()).  If an anonymous
       cipher is used, no certificates are sent.

       The reference count of the X509 object is  incremented  by
       one,  so  that  it  will not be destroyed when the session
       containing the peer certificate is freed. The X509  object
       must be explicitly freed using the X509_free() function.

RETURN VALUES    [Toc]    [Back]

       The  following return values can occur: No certificate was
       presented by the peer or no  connection  was  established.
       The  return  value  points to the certificate presented by
       the peer.

SEE ALSO    [Toc]    [Back]

       Functions:        ssl(3),        SSL_get_verify_result(3),
       SSL_CTX_set_verify(3)



                                      SSL_get_peer_certificate(3)