1*6236dae4SAndroid Build Coastguard Worker--- 2*6236dae4SAndroid Build Coastguard Workerc: Copyright (C) Daniel Stenberg, <[email protected]>, et al. 3*6236dae4SAndroid Build Coastguard WorkerSPDX-License-Identifier: curl 4*6236dae4SAndroid Build Coastguard WorkerTitle: CURLINFO_CERTINFO 5*6236dae4SAndroid Build Coastguard WorkerSection: 3 6*6236dae4SAndroid Build Coastguard WorkerSource: libcurl 7*6236dae4SAndroid Build Coastguard WorkerSee-also: 8*6236dae4SAndroid Build Coastguard Worker - CURLINFO_CAPATH (3) 9*6236dae4SAndroid Build Coastguard Worker - curl_easy_getinfo (3) 10*6236dae4SAndroid Build Coastguard Worker - curl_easy_setopt (3) 11*6236dae4SAndroid Build Coastguard WorkerProtocol: 12*6236dae4SAndroid Build Coastguard Worker - TLS 13*6236dae4SAndroid Build Coastguard WorkerTLS-backend: 14*6236dae4SAndroid Build Coastguard Worker - OpenSSL 15*6236dae4SAndroid Build Coastguard Worker - GnuTLS 16*6236dae4SAndroid Build Coastguard Worker - Schannel 17*6236dae4SAndroid Build Coastguard Worker - Secure Transport 18*6236dae4SAndroid Build Coastguard WorkerAdded-in: 7.19.1 19*6236dae4SAndroid Build Coastguard Worker--- 20*6236dae4SAndroid Build Coastguard Worker 21*6236dae4SAndroid Build Coastguard Worker# NAME 22*6236dae4SAndroid Build Coastguard Worker 23*6236dae4SAndroid Build Coastguard WorkerCURLINFO_CERTINFO - get the TLS certificate chain 24*6236dae4SAndroid Build Coastguard Worker 25*6236dae4SAndroid Build Coastguard Worker# SYNOPSIS 26*6236dae4SAndroid Build Coastguard Worker 27*6236dae4SAndroid Build Coastguard Worker~~~c 28*6236dae4SAndroid Build Coastguard Worker#include <curl/curl.h> 29*6236dae4SAndroid Build Coastguard Worker 30*6236dae4SAndroid Build Coastguard WorkerCURLcode curl_easy_getinfo(CURL *handle, CURLINFO_CERTINFO, 31*6236dae4SAndroid Build Coastguard Worker struct curl_certinfo **chainp); 32*6236dae4SAndroid Build Coastguard Worker~~~ 33*6236dae4SAndroid Build Coastguard Worker 34*6236dae4SAndroid Build Coastguard Worker# DESCRIPTION 35*6236dae4SAndroid Build Coastguard Worker 36*6236dae4SAndroid Build Coastguard WorkerPass a pointer to a *struct curl_certinfo ** and it is set to point to a 37*6236dae4SAndroid Build Coastguard Workerstruct that holds info about the server's certificate chain, assuming you had 38*6236dae4SAndroid Build Coastguard WorkerCURLOPT_CERTINFO(3) enabled when the request was made. 39*6236dae4SAndroid Build Coastguard Worker 40*6236dae4SAndroid Build Coastguard Worker~~~c 41*6236dae4SAndroid Build Coastguard Workerstruct curl_certinfo { 42*6236dae4SAndroid Build Coastguard Worker int num_of_certs; 43*6236dae4SAndroid Build Coastguard Worker struct curl_slist **certinfo; 44*6236dae4SAndroid Build Coastguard Worker}; 45*6236dae4SAndroid Build Coastguard Worker~~~ 46*6236dae4SAndroid Build Coastguard Worker 47*6236dae4SAndroid Build Coastguard WorkerThe *certinfo* struct member is an array of linked lists of certificate 48*6236dae4SAndroid Build Coastguard Workerinformation. The *num_of_certs* struct member is the number of certificates 49*6236dae4SAndroid Build Coastguard Workerwhich is the number of elements in the array. Each certificate's list has 50*6236dae4SAndroid Build Coastguard Workeritems with textual information in the format "name:content" such as 51*6236dae4SAndroid Build Coastguard Worker"Subject:Foo", "Issuer:Bar", etc. The items in each list varies depending on 52*6236dae4SAndroid Build Coastguard Workerthe SSL backend and the certificate. 53*6236dae4SAndroid Build Coastguard Worker 54*6236dae4SAndroid Build Coastguard Worker# %PROTOCOLS% 55*6236dae4SAndroid Build Coastguard Worker 56*6236dae4SAndroid Build Coastguard Worker# EXAMPLE 57*6236dae4SAndroid Build Coastguard Worker 58*6236dae4SAndroid Build Coastguard Worker~~~c 59*6236dae4SAndroid Build Coastguard Workerint main(void) 60*6236dae4SAndroid Build Coastguard Worker{ 61*6236dae4SAndroid Build Coastguard Worker CURL *curl = curl_easy_init(); 62*6236dae4SAndroid Build Coastguard Worker if(curl) { 63*6236dae4SAndroid Build Coastguard Worker CURLcode res; 64*6236dae4SAndroid Build Coastguard Worker curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/"); 65*6236dae4SAndroid Build Coastguard Worker 66*6236dae4SAndroid Build Coastguard Worker /* connect to any HTTPS site, trusted or not */ 67*6236dae4SAndroid Build Coastguard Worker curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L); 68*6236dae4SAndroid Build Coastguard Worker curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L); 69*6236dae4SAndroid Build Coastguard Worker 70*6236dae4SAndroid Build Coastguard Worker curl_easy_setopt(curl, CURLOPT_CERTINFO, 1L); 71*6236dae4SAndroid Build Coastguard Worker 72*6236dae4SAndroid Build Coastguard Worker res = curl_easy_perform(curl); 73*6236dae4SAndroid Build Coastguard Worker 74*6236dae4SAndroid Build Coastguard Worker if(!res) { 75*6236dae4SAndroid Build Coastguard Worker int i; 76*6236dae4SAndroid Build Coastguard Worker struct curl_certinfo *ci; 77*6236dae4SAndroid Build Coastguard Worker res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &ci); 78*6236dae4SAndroid Build Coastguard Worker 79*6236dae4SAndroid Build Coastguard Worker if(!res) { 80*6236dae4SAndroid Build Coastguard Worker printf("%d certs!\n", ci->num_of_certs); 81*6236dae4SAndroid Build Coastguard Worker 82*6236dae4SAndroid Build Coastguard Worker for(i = 0; i < ci->num_of_certs; i++) { 83*6236dae4SAndroid Build Coastguard Worker struct curl_slist *slist; 84*6236dae4SAndroid Build Coastguard Worker 85*6236dae4SAndroid Build Coastguard Worker for(slist = ci->certinfo[i]; slist; slist = slist->next) 86*6236dae4SAndroid Build Coastguard Worker printf("%s\n", slist->data); 87*6236dae4SAndroid Build Coastguard Worker } 88*6236dae4SAndroid Build Coastguard Worker } 89*6236dae4SAndroid Build Coastguard Worker } 90*6236dae4SAndroid Build Coastguard Worker curl_easy_cleanup(curl); 91*6236dae4SAndroid Build Coastguard Worker } 92*6236dae4SAndroid Build Coastguard Worker} 93*6236dae4SAndroid Build Coastguard Worker~~~ 94*6236dae4SAndroid Build Coastguard Worker 95*6236dae4SAndroid Build Coastguard WorkerSee also the *certinfo.c* example. 96*6236dae4SAndroid Build Coastguard Worker 97*6236dae4SAndroid Build Coastguard Worker# HISTORY 98*6236dae4SAndroid Build Coastguard Worker 99*6236dae4SAndroid Build Coastguard WorkerGnuTLS support added in 7.42.0. Schannel support added in 7.50.0. Secure 100*6236dae4SAndroid Build Coastguard WorkerTransport support added in 7.79.0. mbedTLS support added in 8.9.0. 101*6236dae4SAndroid Build Coastguard Worker 102*6236dae4SAndroid Build Coastguard Worker# %AVAILABILITY% 103*6236dae4SAndroid Build Coastguard Worker 104*6236dae4SAndroid Build Coastguard Worker# RETURN VALUE 105*6236dae4SAndroid Build Coastguard Worker 106*6236dae4SAndroid Build Coastguard WorkerReturns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not. 107