1=pod 2 3=head1 NAME 4 5X509_verify_cert - discover and verify X509 certificte chain 6 7=head1 SYNOPSIS 8 9 #include <openssl/x509.h> 10 11 int X509_verify_cert(X509_STORE_CTX *ctx); 12 13=head1 DESCRIPTION 14 15The X509_verify_cert() function attempts to discover and validate a 16certificate chain based on parameters in B<ctx>. A complete description of 17the process is contained in the L<verify(1)|verify(1)> manual page. 18 19=head1 RETURN VALUES 20 21If a complete chain can be built and validated this function returns 1, 22otherwise it return zero, in exceptional circumstances it can also 23return a negative code. 24 25If the function fails additional error information can be obtained by 26examining B<ctx> using, for example X509_STORE_CTX_get_error(). 27 28=head1 NOTES 29 30Applications rarely call this function directly but it is used by 31OpenSSL internally for certificate validation, in both the S/MIME and 32SSL/TLS code. 33 34The negative return value from X509_verify_cert() can only occur if no 35certificate is set in B<ctx> (due to a programming error) or if a retry 36operation is requested during internal lookups (which never happens with 37standard lookup methods). It is however recommended that application check 38for <= 0 return value on error. 39 40=head1 BUGS 41 42This function uses the header B<x509.h> as opposed to most chain verification 43functiosn which use B<x509_vfy.h>. 44 45=head1 SEE ALSO 46 47L<X509_STORE_CTX_get_error(3)|X509_STORE_CTX_get_error(3)> 48 49=head1 HISTORY 50 51X509_verify_cert() is available in all versions of SSLeay and OpenSSL. 52 53=cut 54