SSL_get_verify_result - get result of peer certificate verification
#include <openssl/ssl.h>
long SSL_get_verify_result(const SSL *ssl);
SSL_get_verify_result()
returns the result of the verification of the
X509 certificate presented by the peer, if any.
SSL_get_verify_result()
can only return one error code while the verification
of a certificate can fail because of many reasons at the same time. Only
the last verification error that occurred during the processing is available
from SSL_get_verify_result()
.
The verification result is part of the established session and is restored when a session is reused.
If no peer certificate was presented, the returned result code is
X509_V_OK. This is because no verification error occurred, it does however
not indicate success. SSL_get_verify_result()
is only useful in connection
with SSL_get_peer_certificate(3).
The following return values can currently occur:
The verification succeeded or no peer certificate was presented.
Documented in verify(1).
ssl(7), SSL_set_verify_result(3), SSL_get_peer_certificate(3), verify(1)
Copyright 2000-2016 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at https://www.openssl.org/source/license.html.