1: =pod
    2: 
    3: =head1 NAME
    4: 
    5: SSL_get_peer_certificate - get the X509 certificate of the peer
    6: 
    7: =head1 SYNOPSIS
    8: 
    9:  #include <openssl/ssl.h>
   10: 
   11:  X509 *SSL_get_peer_certificate(const SSL *ssl);
   12: 
   13: =head1 DESCRIPTION
   14: 
   15: SSL_get_peer_certificate() returns a pointer to the X509 certificate the
   16: peer presented. If the peer did not present a certificate, NULL is returned.
   17: 
   18: =head1 NOTES
   19: 
   20: Due to the protocol definition, a TLS/SSL server will always send a
   21: certificate, if present. A client will only send a certificate when
   22: explicitly requested to do so by the server (see
   23: L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>). If an anonymous cipher
   24: is used, no certificates are sent.
   25: 
   26: That a certificate is returned does not indicate information about the
   27: verification state, use L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>
   28: to check the verification state.
   29: 
   30: The reference count of the X509 object is incremented by one, so that it
   31: will not be destroyed when the session containing the peer certificate is
   32: freed. The X509 object must be explicitly freed using X509_free().
   33: 
   34: =head1 RETURN VALUES
   35: 
   36: The following return values can occur:
   37: 
   38: =over 4
   39: 
   40: =item NULL
   41: 
   42: No certificate was presented by the peer or no connection was established.
   43: 
   44: =item Pointer to an X509 certificate
   45: 
   46: The return value points to the certificate presented by the peer.
   47: 
   48: =back
   49: 
   50: =head1 SEE ALSO
   51: 
   52: L<ssl(3)|ssl(3)>, L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>,
   53: L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>
   54: 
   55: =cut