Scroll to navigation

X509_VERIFY_CERT(3) Library Functions Manual X509_VERIFY_CERT(3)

NAME

X509_verify_certdiscover and verify X509 certificate chain

SYNOPSIS

#include <openssl/x509.h>

int
X509_verify_cert(X509_STORE_CTX *ctx);

DESCRIPTION

The () function attempts to discover and validate a certificate chain based on parameters in ctx.

Applications rarely call this function directly, but it is used by OpenSSL internally for certificate validation, in both the S/MIME and SSL/TLS code.

RETURN VALUES

If a complete chain can be built and validated this function returns 1, otherwise it returns a value <= 0 indicating failure.

Additional error information can be obtained by examining ctx, using X509_STORE_CTX_get_error(3).

SEE ALSO

openssl(1), X509_STORE_CTX_get_error(3), X509_STORE_CTX_new(3)

HISTORY

X509_verify_cert() first appeared in SSLeay 0.8.0 and has been available since OpenBSD 2.4.

BUGS

This function uses the header <openssl/x509.h> as opposed to most chain verification functions which use <openssl/x509_vfy.h>.

June 6, 2019 Linux 6.4.0-150600.23.25-default