1X509_verify_cert(3)                 OpenSSL                X509_verify_cert(3)
2
3
4

NAME

6       X509_verify_cert - discover and verify X509 certificte chain
7

SYNOPSIS

9        #include <openssl/x509.h>
10
11        int X509_verify_cert(X509_STORE_CTX *ctx);
12

DESCRIPTION

14       The X509_verify_cert() function attempts to discover and validate a
15       certificate chain based on parameters in ctx. A complete description of
16       the process is contained in the verify(1) manual page.
17

RETURN VALUES

19       If a complete chain can be built and validated this function returns 1,
20       otherwise it return zero, in exceptional circumstances it can also
21       return a negative code.
22
23       If the function fails additional error information can be obtained by
24       examining ctx using, for example X509_STORE_CTX_get_error().
25

NOTES

27       Applications rarely call this function directly but it is used by
28       OpenSSL internally for certificate validation, in both the S/MIME and
29       SSL/TLS code.
30
31       A negative return value from X509_verify_cert() can occur if it is
32       invoked incorrectly, such as with no certificate set in ctx, or when it
33       is called twice in succession without reinitialising ctx for the second
34       call.  A negative return value can also happen due to internal resource
35       problems or if a retry operation is requested during internal lookups
36       (which never happens with standard lookup methods).  Applications must
37       check for <= 0 return value on error.
38

BUGS

40       This function uses the header x509.h as opposed to most chain
41       verification functiosn which use x509_vfy.h.
42

SEE ALSO

44       X509_STORE_CTX_get_error(3)
45

HISTORY

47       X509_verify_cert() is available in all versions of SSLeay and OpenSSL.
48
49
50
511.0.2o                            2020-01-28               X509_verify_cert(3)
Impressum