diff options
Diffstat (limited to 'docs/libcurl/opts/CURLINFO_CERTINFO.md')
-rw-r--r-- | docs/libcurl/opts/CURLINFO_CERTINFO.md | 101 |
1 files changed, 101 insertions, 0 deletions
diff --git a/docs/libcurl/opts/CURLINFO_CERTINFO.md b/docs/libcurl/opts/CURLINFO_CERTINFO.md new file mode 100644 index 000000000..d9cbc9306 --- /dev/null +++ b/docs/libcurl/opts/CURLINFO_CERTINFO.md @@ -0,0 +1,101 @@ +--- +c: Copyright (C) Daniel Stenberg, <daniel.se>, et al. +SPDX-License-Identifier: curl +Title: CURLINFO_CERTINFO +Section: 3 +Source: libcurl +See-also: + - CURLINFO_CAPATH (3) + - curl_easy_getinfo (3) + - curl_easy_setopt (3) +--- + +# NAME + +CURLINFO_CERTINFO - get the TLS certificate chain + +# SYNOPSIS + +~~~c +#include <curl/curl.h> + +CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_CERTINFO, + struct curl_certinfo **chainp); +~~~ + +# DESCRIPTION + +Pass a pointer to a *struct curl_certinfo ** and it is set to point to a +struct that holds info about the server's certificate chain, assuming you had +CURLOPT_CERTINFO(3) enabled when the request was made. + +~~~c +struct curl_certinfo { + int num_of_certs; + struct curl_slist **certinfo; +}; +~~~ + +The *certinfo* struct member is an array of linked lists of certificate +information. The *num_of_certs* struct member is the number of certificates +which is the number of elements in the array. Each certificate's list has +items with textual information in the format "name:content" such as +"Subject:Foo", "Issuer:Bar", etc. The items in each list varies depending on +the SSL backend and the certificate. + +# PROTOCOLS + +All TLS-based + +# EXAMPLE + +~~~c +int main(void) +{ + CURL *curl = curl_easy_init(); + if(curl) { + CURLcode res; + curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/"); + + /* connect to any HTTPS site, trusted or not */ + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); + curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); + + curl_easy_setopt(curl, CURLOPT_CERTINFO, 1L); + + res = curl_easy_perform(curl); + + if(!res) { + int i; + struct curl_certinfo *ci; + res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &ci); + + if(!res) { + printf("%d certs!\n", ci->num_of_certs); + + for(i = 0; i < ci->num_of_certs; i++) { + struct curl_slist *slist; + + for(slist = ci->certinfo[i]; slist; slist = slist->next) + printf("%s\n", slist->data); + } + } + } + curl_easy_cleanup(curl); + } +} +~~~ + +See also the *certinfo.c* example. + +# AVAILABILITY + +This option is only working in libcurl built with OpenSSL, GnuTLS, Schannel or +Secure Transport. GnuTLS support added in 7.42.0. Schannel support added in +7.50.0. Secure Transport support added in 7.79.0. + +Added in 7.19.1 + +# RETURN VALUE + +Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not. |