1.\" 2.\" $OpenBSD: SSL_get_peer_cert_chain.3,v 1.1 2016/11/05 15:32:20 schwarze Exp $ 3.\" 4.Dd $Mdocdate: November 5 2016 $ 5.Dt SSL_GET_PEER_CERT_CHAIN 3 6.Os 7.Sh NAME 8.Nm SSL_get_peer_cert_chain 9.Nd get the X509 certificate chain of the peer 10.Sh SYNOPSIS 11.In openssl/ssl.h 12.Ft STACK_OF(X509) * 13.Fn SSL_get_peer_cert_chain "const SSL *ssl" 14.Sh DESCRIPTION 15.Fn SSL_get_peer_cert_chain 16returns a pointer to 17.Dv STACK_OF Ns Po Vt X509 Pc 18certificates forming the certificate chain of the peer. 19If called on the client side, the stack also contains the peer's certificate; 20if called on the server side, the peer's certificate must be obtained 21separately using 22.Xr SSL_get_peer_certificate 3 . 23If the peer did not present a certificate, 24.Dv NULL 25is returned. 26.Sh NOTES 27The peer certificate chain is not necessarily available after reusing a 28session, in which case a 29.Dv NULL 30pointer is returned. 31.Pp 32The reference count of the 33.Dv STACK_OF Ns Po Vt X509 Pc 34object is not incremented. 35If the corresponding session is freed, the pointer must not be used any longer. 36.Sh RETURN VALUES 37The following return values can occur: 38.Bl -tag -width Ds 39.It Dv NULL 40No certificate was presented by the peer or no connection was established or 41the certificate chain is no longer available when a session is reused. 42.It Pointer to a Dv STACK_OF Ns Po X509 Pc 43The return value points to the certificate chain presented by the peer. 44.El 45.Sh SEE ALSO 46.Xr ssl 3 , 47.Xr SSL_get_peer_certificate 3 48