2024-01-17 18:32:44 +08:00
|
|
|
---
|
2024-02-28 18:28:10 +08:00
|
|
|
c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
|
2024-01-17 18:32:44 +08:00
|
|
|
SPDX-License-Identifier: curl
|
|
|
|
Title: CURLINFO_CERTINFO
|
|
|
|
Section: 3
|
|
|
|
Source: libcurl
|
|
|
|
See-also:
|
|
|
|
- CURLINFO_CAPATH (3)
|
|
|
|
- curl_easy_getinfo (3)
|
|
|
|
- curl_easy_setopt (3)
|
2024-03-21 18:50:20 +08:00
|
|
|
Protocol:
|
|
|
|
- TLS
|
2024-03-21 22:46:32 +08:00
|
|
|
TLS-backend:
|
|
|
|
- OpenSSL
|
|
|
|
- GnuTLS
|
|
|
|
- Schannel
|
|
|
|
- Secure Transport
|
2024-01-17 18:32:44 +08:00
|
|
|
---
|
|
|
|
|
|
|
|
# NAME
|
|
|
|
|
|
|
|
CURLINFO_CERTINFO - get the TLS certificate chain
|
|
|
|
|
|
|
|
# SYNOPSIS
|
|
|
|
|
|
|
|
~~~c
|
|
|
|
#include <curl/curl.h>
|
|
|
|
|
|
|
|
CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_CERTINFO,
|
|
|
|
struct curl_certinfo **chainp);
|
|
|
|
~~~
|
|
|
|
|
|
|
|
# DESCRIPTION
|
|
|
|
|
|
|
|
Pass a pointer to a *struct curl_certinfo ** and it is set to point to a
|
|
|
|
struct that holds info about the server's certificate chain, assuming you had
|
|
|
|
CURLOPT_CERTINFO(3) enabled when the request was made.
|
|
|
|
|
|
|
|
~~~c
|
|
|
|
struct curl_certinfo {
|
|
|
|
int num_of_certs;
|
|
|
|
struct curl_slist **certinfo;
|
|
|
|
};
|
|
|
|
~~~
|
|
|
|
|
|
|
|
The *certinfo* struct member is an array of linked lists of certificate
|
2024-01-26 16:54:48 +08:00
|
|
|
information. The *num_of_certs* struct member is the number of certificates
|
|
|
|
which is the number of elements in the array. Each certificate's list has
|
|
|
|
items with textual information in the format "name:content" such as
|
|
|
|
"Subject:Foo", "Issuer:Bar", etc. The items in each list varies depending on
|
2024-01-17 18:32:44 +08:00
|
|
|
the SSL backend and the certificate.
|
|
|
|
|
|
|
|
# EXAMPLE
|
|
|
|
|
|
|
|
~~~c
|
|
|
|
int main(void)
|
|
|
|
{
|
|
|
|
CURL *curl = curl_easy_init();
|
|
|
|
if(curl) {
|
|
|
|
CURLcode res;
|
|
|
|
curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/");
|
|
|
|
|
|
|
|
/* connect to any HTTPS site, trusted or not */
|
|
|
|
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
|
|
|
|
curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
|
|
|
|
|
|
|
|
curl_easy_setopt(curl, CURLOPT_CERTINFO, 1L);
|
|
|
|
|
|
|
|
res = curl_easy_perform(curl);
|
|
|
|
|
|
|
|
if(!res) {
|
|
|
|
int i;
|
|
|
|
struct curl_certinfo *ci;
|
|
|
|
res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &ci);
|
|
|
|
|
|
|
|
if(!res) {
|
|
|
|
printf("%d certs!\n", ci->num_of_certs);
|
|
|
|
|
|
|
|
for(i = 0; i < ci->num_of_certs; i++) {
|
|
|
|
struct curl_slist *slist;
|
|
|
|
|
|
|
|
for(slist = ci->certinfo[i]; slist; slist = slist->next)
|
|
|
|
printf("%s\n", slist->data);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
curl_easy_cleanup(curl);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
~~~
|
|
|
|
|
|
|
|
See also the *certinfo.c* example.
|
|
|
|
|
|
|
|
# AVAILABILITY
|
|
|
|
|
2024-03-13 08:21:06 +08:00
|
|
|
This option is only working in libcurl built with OpenSSL, GnuTLS, Schannel,
|
|
|
|
Secure Transport or mbedTLS. GnuTLS support added in 7.42.0. Schannel support
|
|
|
|
added in 7.50.0. Secure Transport support added in 7.79.0. mbedTLS support added
|
|
|
|
in 8.9.0.
|
2024-01-17 18:32:44 +08:00
|
|
|
|
|
|
|
Added in 7.19.1
|
|
|
|
|
|
|
|
# RETURN VALUE
|
|
|
|
|
|
|
|
Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
|