1e1051a39Sopenharmony_ci=pod 2e1051a39Sopenharmony_ci 3e1051a39Sopenharmony_ci=head1 NAME 4e1051a39Sopenharmony_ci 5e1051a39Sopenharmony_ciSSL_get_certificate, SSL_get_privatekey - retrieve TLS/SSL certificate and 6e1051a39Sopenharmony_ciprivate key 7e1051a39Sopenharmony_ci 8e1051a39Sopenharmony_ci=head1 SYNOPSIS 9e1051a39Sopenharmony_ci 10e1051a39Sopenharmony_ci #include <openssl/ssl.h> 11e1051a39Sopenharmony_ci 12e1051a39Sopenharmony_ci X509 *SSL_get_certificate(const SSL *s); 13e1051a39Sopenharmony_ci EVP_PKEY *SSL_get_privatekey(const SSL *s); 14e1051a39Sopenharmony_ci 15e1051a39Sopenharmony_ci=head1 DESCRIPTION 16e1051a39Sopenharmony_ci 17e1051a39Sopenharmony_ciSSL_get_certificate() returns a pointer to an B<X509> object representing a 18e1051a39Sopenharmony_cicertificate used as the local peer's identity. 19e1051a39Sopenharmony_ci 20e1051a39Sopenharmony_ciMultiple certificates can be configured; for example, a server might have both 21e1051a39Sopenharmony_ciRSA and ECDSA certificates. The certificate which is returned by 22e1051a39Sopenharmony_ciSSL_get_certificate() is determined as follows: 23e1051a39Sopenharmony_ci 24e1051a39Sopenharmony_ci=over 4 25e1051a39Sopenharmony_ci 26e1051a39Sopenharmony_ci=item 27e1051a39Sopenharmony_ci 28e1051a39Sopenharmony_ciIf it is called before certificate selection has occurred, it returns the most 29e1051a39Sopenharmony_cirecently added certificate, or NULL if no certificate has been added. 30e1051a39Sopenharmony_ci 31e1051a39Sopenharmony_ci=item 32e1051a39Sopenharmony_ci 33e1051a39Sopenharmony_ciAfter certificate selection has occurred, it returns the certificate which was 34e1051a39Sopenharmony_ciselected during the handshake, or NULL if no certificate was selected (for 35e1051a39Sopenharmony_ciexample, on a client where no client certificate is in use). 36e1051a39Sopenharmony_ci 37e1051a39Sopenharmony_ci=back 38e1051a39Sopenharmony_ci 39e1051a39Sopenharmony_ciCertificate selection occurs during the handshake; therefore, the value returned 40e1051a39Sopenharmony_ciby SSL_get_certificate() during any callback made during the handshake process 41e1051a39Sopenharmony_ciwill depend on whether that callback is made before or after certificate 42e1051a39Sopenharmony_ciselection occurs. 43e1051a39Sopenharmony_ci 44e1051a39Sopenharmony_ciA specific use for SSL_get_certificate() is inside a callback set via a call to 45e1051a39Sopenharmony_ciL<SSL_CTX_set_tlsext_status_cb(3)>. This callback occurs after certificate 46e1051a39Sopenharmony_ciselection, where it can be used to examine a server's chosen certificate, for 47e1051a39Sopenharmony_ciexample for the purpose of identifying a certificate's OCSP responder URL so 48e1051a39Sopenharmony_cithat an OCSP response can be obtained. 49e1051a39Sopenharmony_ci 50e1051a39Sopenharmony_ciSSL_get_privatekey() returns a pointer to the B<EVP_PKEY> object corresponding 51e1051a39Sopenharmony_cito the certificate returned by SSL_get_certificate(), if any. 52e1051a39Sopenharmony_ci 53e1051a39Sopenharmony_ci=head1 RETURN VALUES 54e1051a39Sopenharmony_ci 55e1051a39Sopenharmony_ciThese functions return pointers to their respective objects, or NULL if no such 56e1051a39Sopenharmony_ciobject is available. Returned objects are owned by the SSL object and should not 57e1051a39Sopenharmony_cibe freed by users of these functions. 58e1051a39Sopenharmony_ci 59e1051a39Sopenharmony_ci=head1 SEE ALSO 60e1051a39Sopenharmony_ci 61e1051a39Sopenharmony_ciL<ssl(7)>, L<SSL_CTX_set_tlsext_status_cb(3)> 62e1051a39Sopenharmony_ci 63e1051a39Sopenharmony_ci=head1 COPYRIGHT 64e1051a39Sopenharmony_ci 65e1051a39Sopenharmony_ciCopyright 2001-2022 The OpenSSL Project Authors. All Rights Reserved. 66e1051a39Sopenharmony_ci 67e1051a39Sopenharmony_ciLicensed under the Apache License 2.0 (the "License"). You may not use 68e1051a39Sopenharmony_cithis file except in compliance with the License. You can obtain a copy 69e1051a39Sopenharmony_ciin the file LICENSE in the source distribution or at 70e1051a39Sopenharmony_ciL<https://www.openssl.org/source/license.html>. 71e1051a39Sopenharmony_ci 72e1051a39Sopenharmony_ci=cut 73e1051a39Sopenharmony_ci 74