SSLCopyPeerCertificates
Retrieves a peer certificate and its certificate chain.
Declaration
OSStatus SSLCopyPeerCertificates(SSLContextRef context, CFArrayRef *certs);
Parameters
- context:
An SSL session context reference.
- certs:
On return, a pointer to an array of values of type SecCertificateRef representing the peer certificate and the certificate chain used to validate it. The certificate at index 0 of the returned array is the peer certificate (the subject of the function call—the end certificate in the chain); the root certificate (or the closest certificate to it) is at the end of the returned array. The entire array is created by the Secure Transport library; you must call the CFRelease function for this array when you are finished with it.
Return Value
A result code. See Secure Transport Result Codes.
Discussion
This function is valid any time after a handshake attempt. You can use it to examine a peer certificate, to examine a certificate chain to determine why a handshake attempt failed, or to retrieve the certificate chain in order to validate the certificate yourself. (To disable validation so that you can validate the certificate yourself, use the SSLSetSessionOption(_:_:_:) function to set the session’s SSLSessionOption.breakOnServerAuth flag.)
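The flow described in the Discussion, as an added example that is not Apple's sample code: break on server authentication, copy the peer chain, evaluate it yourself, and release the array. `PeerChainIsTrusted` and `HandshakeWithOwnValidation` are hypothetical helper names, and the context is assumed to be already configured with blocking I/O callbacks, a connection and a peer domain name.

```objective-c
#import <Security/Security.h>
#import <Security/SecureTransport.h>

// Hypothetical helper, not part of Secure Transport. Evaluates the peer's chain
// against the system SSL policy for `host`; fails closed on any error.
static bool PeerChainIsTrusted(SSLContextRef ctx, CFStringRef host)
{
    CFArrayRef certs = NULL;  // index 0 = peer certificate, last = closest to root
    if (SSLCopyPeerCertificates(ctx, &certs) != noErr || certs == NULL)
        return false;

    bool trusted = false;
    if (CFArrayGetCount(certs) > 0) {
        SecPolicyRef policy = SecPolicyCreateSSL(true, host);  // true: checking a server cert
        SecTrustRef trust = NULL;
        if (policy != NULL &&
            SecTrustCreateWithCertificates(certs, policy, &trust) == errSecSuccess)
            trusted = SecTrustEvaluateWithError(trust, NULL);
        // Additional checks of your own (for example pinning) would go here.
        if (trust != NULL) CFRelease(trust);
        if (policy != NULL) CFRelease(policy);
    }
    CFRelease(certs);  // the caller must release the returned array
    return trusted;
}

// Hypothetical helper: runs the handshake with the built-in server validation
// replaced by PeerChainIsTrusted(). Assumes `ctx` is configured as stated above.
static OSStatus HandshakeWithOwnValidation(SSLContextRef ctx, CFStringRef host)
{
    // Must be set before the handshake starts.
    OSStatus st = SSLSetSessionOption(ctx, kSSLSessionOptionBreakOnServerAuth, true);
    if (st != noErr) return st;

    bool validated = false;
    for (;;) {
        st = SSLHandshake(ctx);
        if (st != errSSLServerAuthCompleted) break;  // finished, or a real error
        if (!PeerChainIsTrusted(ctx, host))
            return errSSLXCertChainInvalid;          // caller tears the session down
        validated = true;                            // loop to resume the handshake
    }
    // Never report success for a session whose chain was not checked here.
    return (st == noErr && !validated) ? errSSLXCertChainInvalid : st;
}
```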