GSP
Quick Navigator
Search Site

Unix VPS
A - Starter
B - Basic
C - Preferred
D - Commercial
MPS - Dedicated
Previous VPSs
* Sign Up! *

Support
Contact Us
Online Help
Handbooks
Domain Status
Man Pages

FAQ
Virtual Servers
Pricing
Billing
Technical

Network
Facilities
Connectivity
Topology Map

Miscellaneous
Server Agreement
Year 2038
Credits
 

USA Flag

 

 

Man Pages
X509_verify_cert(3) OpenSSL X509_verify_cert(3)

X509_verify_cert - discover and verify X509 certificte chain

 #include <openssl/x509.h>
 int X509_verify_cert(X509_STORE_CTX *ctx);

The X509_verify_cert() function attempts to discover and validate a certificate chain based on parameters in ctx. A complete description of the process is contained in the verify(1) manual page.

If a complete chain can be built and validated this function returns 1, otherwise it return zero, in exceptional circumstances it can also return a negative code.

If the function fails additional error information can be obtained by examining ctx using, for example X509_STORE_CTX_get_error().

Applications rarely call this function directly but it is used by OpenSSL internally for certificate validation, in both the S/MIME and SSL/TLS code.

A negative return value from X509_verify_cert() can occur if it is invoked incorrectly, such as with no certificate set in ctx, or when it is called twice in succession without reinitialising ctx for the second call. A negative return value can also happen due to internal resource problems or if a retry operation is requested during internal lookups (which never happens with standard lookup methods). Applications must check for <= 0 return value on error.

This function uses the header x509.h as opposed to most chain verification functiosn which use x509_vfy.h.

X509_STORE_CTX_get_error(3)

X509_verify_cert() is available in all versions of SSLeay and OpenSSL.

2017-01-26 1.0.2k
Search for    or go to Top of page |  Section 3 |  Main Index

Powered by GSP Visit the GSP FreeBSD Man Page Interface.
Output converted with ManDoc.