SSL_get_peer_certificate - Get the X509 certificate of the
SSL *ssl );
The SSL_get_peer_certificate() function returns a pointer
to the X509 certificate the peer presented. If the peer
did not present a certificate, NULL is returned.
Due to the protocol definition, a TLS/SSL server will
always send a certificate, if present. A client will only
send a certificate when explicitly requested to do so by
the server. (See SSL_CTX_set_verify()). If an anonymous
cipher is used, no certificates are sent.
The reference count of the X509 object is incremented by
one, so that it will not be destroyed when the session
containing the peer certificate is freed. The X509 object
must be explicitly freed using the X509_free() function.
The following return values can occur: No certificate was
presented by the peer or no connection was established.
The return value points to the certificate presented by
Functions: ssl(3), SSL_get_verify_result(3),
[ Back ]