get the X509 certificate chain sent by the peer
() returns a pointer
certificates forming the certificate chain of the peer. If called on the
client side, the stack also contains the peer's certificate; if called on the
server side, the peer's certificate must be obtained separately using
If the peer did not present a certificate,
() returns the peer
chain as sent by the peer: it only consists of certificates the peer has sent
(in the order the peer has sent them) and it is not a verified chain.
If the session is resumed, peers do not send certificates, so a
pointer is returned. Applications can
() to determine
whether a session is resumed.
The reference count of the
object is not incremented. If the corresponding session is freed, the pointer
must not be used any longer.
The following return values can occur:
- No certificate was presented by the peer or no connection was established
or the certificate chain is no longer available when a session is
- Pointer to a
- The return value points to the certificate chain presented by the
() first appeared in
SSLeay 0.8.0 and has been available since OpenBSD