SSL_get_peer_certificate(3) OpenSSL SSL_get_peer_certificate(3)NAME
SSL_get_peer_certificate - get the X509 certificate of the peer
LIBRARY
libcrypto, -lcrypto
SYNOPSIS
#include <openssl/ssl.h>
X509 *SSL_get_peer_certificate(const SSL *ssl);
DESCRIPTION
SSL_get_peer_certificate() returns a pointer to the X509 certificate the peer presented. If the peer did not present a certificate, NULL is
returned.
NOTES
Due to the protocol definition, a TLS/SSL server will always send a certificate, if present. A client will only send a certificate when
explicitly requested to do so by the server (see SSL_CTX_set_verify(3)). If an anonymous cipher is used, no certificates are sent.
That a certificate is returned does not indicate information about the verification state, use SSL_get_verify_result(3) to check the
verification state.
The reference count of the X509 object is incremented by one, so that it will not be destroyed when the session containing the peer
certificate is freed. The X509 object must be explicitly freed using X509_free().
RETURN VALUES
The following return values can occur:
NULL
No certificate was presented by the peer or no connection was established.
Pointer to an X509 certificate
The return value points to the certificate presented by the peer.
SEE ALSO ssl(3), SSL_get_verify_result(3), SSL_CTX_set_verify(3)1.0.1i 2009-07-20 SSL_get_peer_certificate(3)
Check Out this Related Man Page
SSL_get_peer_certificate(3) OpenSSL SSL_get_peer_certificate(3)NAME
SSL_get_peer_certificate - get the X509 certificate of the peer
SYNOPSIS
#include <openssl/ssl.h>
X509 *SSL_get_peer_certificate(SSL *ssl);
DESCRIPTION
SSL_get_peer_certificate() returns a pointer to the X509 certificate the peer presented. If the peer did not present a certificate, NULL is
returned.
NOTES
Due to the protocol definition, a TLS/SSL server will always send a certificate, if present. A client will only send a certificate when
explicitly requested to do so by the server (see SSL_CTX_set_verify(3)). If an anonymous cipher is used, no certificates are sent.
That a certificate is returned does not indicate information about the verification state, use SSL_get_verify_result(3) to check the veri-
fication state.
The reference count of the X509 object is incremented by one, so that it will not be destroyed when the session containing the peer cer-
tificate is freed. The X509 object must be explicitly freed using X509_free().
RETURN VALUES
The following return values can occur:
NULL
No certificate was presented by the peer or no connection was established.
Pointer to an X509 certificate
The return value points to the certificate presented by the peer.
SEE ALSO ssl(3), SSL_get_verify_result(3), SSL_CTX_set_verify(3)0.9.7d 2002-12-01 SSL_get_peer_certificate(3)
Hello all,
we have the following problem: Just today the ssl certificate (intermediate from verisign) needs to be changed because it is running off. Now, after we installed the new certificate, we see by using mozilla 1.5 that the certificate is correctly used. But when we use IE version 6.0,... (2 Replies)
Hello,
I want to automate the process of importing a SSL certificate name *.cer to cacerts through perl script. both the certificates belong to same folder.
The usual way of doing it is by executing the below command which imports the key name certnew.cer to cacerts in the same folder.
... (4 Replies)
My current SSL certificate is about to expire in a couple days so I got a new one via Godaddy and need to install the new one. My server is running Centos 4.x with Blue quartz as the backend. Now BQ does have an SSL import option via the GUI but I'm not sure what route to take to import the... (1 Reply)
HI,
I want to know the certificate expiry dates and who is owner of the certificate installed in UNIX.
example certiface name
1)SSL
2)Veri Sign Trust Network (1 Reply)
hi, everyone.
i am having trouble configuring SSL for an IBM HTTP Server. system is running websphere with oracle db on aix5.3tl10.
looking at google, the best way to generate ssl is with ikeyman. however, the gui has been disabled, so i only have the command line to work from.
please help (1 Reply)
we are doing TCP for our systems. I have a working SSL certificate on prodction webserver. Im planning to export it to our DR server for TCP purposes. However when I export based on the procedure below, it doesn't work. When I restart the DR webserver, it still says the certifcate is expired.Any... (1 Reply)
Hi,
I want to renew the ssl certificate for one of my application on tomcat without down time. I want to know what would the possible impacts for the users who currently have sessions to the app.
Regards,
Arumon (1 Reply)
We have a RHEL 5.8 server at the production level and we have a Java application on this server. I know of the SSL certificate generation at the OS (RHEL) level but it is implemented on the Java application by our development team using the Java keytool. My doubt is that is the SSL generation can... (3 Replies)
Hi everyone,
I am working on a Nginx + Apache installation for learning purposes, and just got to the point of installing a self-signed certificate for securing some pages that will be used to send "sensitive" information such as login credentials. So far so good.
What a I want to know is how can... (2 Replies)
Hey everyone, another question on certificate chains...
When a site applies for an ssl certificate, do they have to apply to a root CA? or can they apply to a root, or one of the many smaller CA companies? Then once they obtain a cert from that smaller CA, the company gets it's cert signed by a... (1 Reply)
Hi Team,
I understand that this query does not involve Unix exactly, but can anyone give me pointers as to know which Servers host a particular certificate i.e xyz.intra.com . The Development team has left long back and we have no idea how to ascertain on which servers the certificate is hosted... (1 Reply)
Hi Guys,
I am new to this fourm. Need your help to complete my requirment.
Below is my requirment.
Have to check expiry of the certificate. Compare the certificate expiry date with current date. If the difference is less than 30 days, need to send mail.
#!/usr/bin/ksh... (2 Replies)
:rolleyes:I am trying to setup all certificate based client-server environment in Linux using vsftpd and curl with openssl.
I would like to make a user access with vsftpd certificate and user own client certificate (self-signed) with private/public key.
I don't see google posts about the my plan... (4 Replies)
Anyone have any procedures or tutorials on how to change the self-signed certificate on the IBM AIX VIOS Intergrated Virtulization Manager web site?
I've googled till my fingers broke and most links take me to generic replacements for IBM products that I don't have.
Any help is appreciated.... (3 Replies)