1--- 2c: Copyright (C) Daniel Stenberg, <daniel.se>, et al. 3SPDX-License-Identifier: curl 4Title: CURLINFO_CERTINFO 5Section: 3 6Source: libcurl 7See-also: 8 - CURLINFO_CAPATH (3) 9 - curl_easy_getinfo (3) 10 - curl_easy_setopt (3) 11--- 12 13# NAME 14 15CURLINFO_CERTINFO - get the TLS certificate chain 16 17# SYNOPSIS 18 19~~~c 20#include <curl/curl.h> 21 22CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_CERTINFO, 23 struct curl_certinfo **chainp); 24~~~ 25 26# DESCRIPTION 27 28Pass a pointer to a *struct curl_certinfo ** and it is set to point to a 29struct that holds info about the server's certificate chain, assuming you had 30CURLOPT_CERTINFO(3) enabled when the request was made. 31 32~~~c 33struct curl_certinfo { 34 int num_of_certs; 35 struct curl_slist **certinfo; 36}; 37~~~ 38 39The *certinfo* struct member is an array of linked lists of certificate 40information. The *num_of_certs* struct member is the number of certificates 41which is the number of elements in the array. Each certificate's list has 42items with textual information in the format "name:content" such as 43"Subject:Foo", "Issuer:Bar", etc. The items in each list varies depending on 44the SSL backend and the certificate. 45 46# PROTOCOLS 47 48All TLS-based 49 50# EXAMPLE 51 52~~~c 53int main(void) 54{ 55 CURL *curl = curl_easy_init(); 56 if(curl) { 57 CURLcode res; 58 curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/"); 59 60 /* connect to any HTTPS site, trusted or not */ 61 curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); 62 curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); 63 64 curl_easy_setopt(curl, CURLOPT_CERTINFO, 1L); 65 66 res = curl_easy_perform(curl); 67 68 if(!res) { 69 int i; 70 struct curl_certinfo *ci; 71 res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &ci); 72 73 if(!res) { 74 printf("%d certs!\n", ci->num_of_certs); 75 76 for(i = 0; i < ci->num_of_certs; i++) { 77 struct curl_slist *slist; 78 79 for(slist = ci->certinfo[i]; slist; slist = slist->next) 80 printf("%s\n", slist->data); 81 } 82 } 83 } 84 curl_easy_cleanup(curl); 85 } 86} 87~~~ 88 89See also the *certinfo.c* example. 90 91# AVAILABILITY 92 93This option is only working in libcurl built with OpenSSL, GnuTLS, Schannel or 94Secure Transport. GnuTLS support added in 7.42.0. Schannel support added in 957.50.0. Secure Transport support added in 7.79.0. 96 97Added in 7.19.1 98 99# RETURN VALUE 100 101Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not. 102