OpenBSD manual page server

Manual Page Search Parameters

X509_VERIFY_CERT(3) Library Functions Manual X509_VERIFY_CERT(3)

X509_verify_certdiscover and verify X509 certificate chain

#include <openssl/x509.h>

X509_verify_cert(X509_STORE_CTX *ctx);

The () function attempts to discover and validate a certificate chain based on parameters in ctx.

Applications rarely call this function directly, but it is used by OpenSSL internally for certificate validation, in both the S/MIME and SSL/TLS code.

If a complete chain can be built and validated this function returns 1, otherwise it returns a value <= 0 indicating failure.

Additional error information can be obtained by examining ctx, using X509_STORE_CTX_get_error(3).

openssl(1), X509_STORE_CTX_get_error(3), X509_STORE_CTX_new(3)

X509_verify_cert() first appeared in SSLeay 0.8.0 and has been available since OpenBSD 2.4.

This function uses the header <openssl/x509.h> as opposed to most chain verification functions which use <openssl/x509_vfy.h>.

June 6, 2019 OpenBSD-6.9