168651Skris=pod 268651Skris 368651Skris=head1 NAME 468651Skris 568651SkrisSSL_get_peer_certificate - get the X509 certificate of the peer 668651Skris 768651Skris=head1 SYNOPSIS 868651Skris 968651Skris #include <openssl/ssl.h> 1068651Skris 11160814Ssimon X509 *SSL_get_peer_certificate(const SSL *ssl); 1268651Skris 1368651Skris=head1 DESCRIPTION 1468651Skris 1568651SkrisSSL_get_peer_certificate() returns a pointer to the X509 certificate the 1668651Skrispeer presented. If the peer did not present a certificate, NULL is returned. 1768651Skris 1868651Skris=head1 NOTES 1968651Skris 2079998SkrisDue to the protocol definition, a TLS/SSL server will always send a 2179998Skriscertificate, if present. A client will only send a certificate when 2289837Skrisexplicitly requested to do so by the server (see 2379998SkrisL<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>). If an anonymous cipher 2479998Skrisis used, no certificates are sent. 2579998Skris 2668651SkrisThat a certificate is returned does not indicate information about the 2768651Skrisverification state, use L<SSL_get_verify_result(3)|SSL_get_verify_result(3)> 2868651Skristo check the verification state. 2968651Skris 3068651SkrisThe reference count of the X509 object is incremented by one, so that it 3168651Skriswill not be destroyed when the session containing the peer certificate is 3276866Skrisfreed. The X509 object must be explicitly freed using X509_free(). 3368651Skris 3468651Skris=head1 RETURN VALUES 3568651Skris 3668651SkrisThe following return values can occur: 3768651Skris 3868651Skris=over 4 3968651Skris 4068651Skris=item NULL 4168651Skris 4268651SkrisNo certificate was presented by the peer or no connection was established. 4368651Skris 4468651Skris=item Pointer to an X509 certificate 4568651Skris 4668651SkrisThe return value points to the certificate presented by the peer. 4768651Skris 4868651Skris=back 4968651Skris 5068651Skris=head1 SEE ALSO 5168651Skris 5279998SkrisL<ssl(3)|ssl(3)>, L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>, 5379998SkrisL<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)> 5468651Skris 5568651Skris=cut 56