1. Manuals
  2. Tumbleweed
  3. libressl-devel-doc
  4. SSL_get_verify_result(3ssl)

Scroll to navigation

SSL_GET_VERIFY_RESULT(3) Library Functions Manual SSL_GET_VERIFY_RESULT(3)

NAME

SSL_get_verify_resultget result of peer certificate verification

SYNOPSIS

#include <openssl/ssl.h>

long
SSL_get_verify_result(const SSL *ssl);

DESCRIPTION

() returns the result of the verification of the X509 certificate presented by the peer, if any.

() can only return one error code while the verification of a certificate can fail because of many reasons at the same time. Only the last verification error that occurred during the processing is available from SSL_get_verify_result().

The verification result is part of the established session and is restored when a session is reused.

RETURN VALUES

The following return values can currently occur:

The verification succeeded or no peer certificate was presented.
Any other value
Documented in openssl(1).

SEE ALSO

openssl(1), ssl(3), SSL_CTX_set_verify(3), SSL_get0_peername(3), SSL_get_peer_certificate(3), SSL_set_verify_result(3)

HISTORY

SSL_get_verify_result() first appeared in SSLeay 0.6.1 and has been available since OpenBSD 2.4.

BUGS

If no peer certificate was presented, the returned result code is X509_V_OK. This is because no verification error occurred; however, it does not indicate success. SSL_get_verify_result() is only useful in connection with SSL_get_peer_certificate(3).

June 26, 2021 Linux 6.4.0-150600.23.25-default