|  | =pod | 
|  |  | 
|  | =head1 NAME | 
|  |  | 
|  | SSL_get_peer_certificate - get the X509 certificate of the peer | 
|  |  | 
|  | =head1 SYNOPSIS | 
|  |  | 
|  | #include <openssl/ssl.h> | 
|  |  | 
|  | X509 *SSL_get_peer_certificate(const SSL *ssl); | 
|  |  | 
|  | =head1 DESCRIPTION | 
|  |  | 
|  | SSL_get_peer_certificate() returns a pointer to the X509 certificate the | 
|  | peer presented. If the peer did not present a certificate, NULL is returned. | 
|  |  | 
|  | =head1 NOTES | 
|  |  | 
|  | Due to the protocol definition, a TLS/SSL server will always send a | 
|  | certificate, if present. A client will only send a certificate when | 
|  | explicitly requested to do so by the server (see | 
|  | L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)>). If an anonymous cipher | 
|  | is used, no certificates are sent. | 
|  |  | 
|  | That a certificate is returned does not indicate information about the | 
|  | verification state, use L<SSL_get_verify_result(3)|SSL_get_verify_result(3)> | 
|  | to check the verification state. | 
|  |  | 
|  | The reference count of the X509 object is incremented by one, so that it | 
|  | will not be destroyed when the session containing the peer certificate is | 
|  | freed. The X509 object must be explicitly freed using X509_free(). | 
|  |  | 
|  | =head1 RETURN VALUES | 
|  |  | 
|  | The following return values can occur: | 
|  |  | 
|  | =over 4 | 
|  |  | 
|  | =item NULL | 
|  |  | 
|  | No certificate was presented by the peer or no connection was established. | 
|  |  | 
|  | =item Pointer to an X509 certificate | 
|  |  | 
|  | The return value points to the certificate presented by the peer. | 
|  |  | 
|  | =back | 
|  |  | 
|  | =head1 SEE ALSO | 
|  |  | 
|  | L<ssl(3)|ssl(3)>, L<SSL_get_verify_result(3)|SSL_get_verify_result(3)>, | 
|  | L<SSL_CTX_set_verify(3)|SSL_CTX_set_verify(3)> | 
|  |  | 
|  | =cut |