xref: /curl/docs/libcurl/opts/CURLINFO_CERTINFO.md (revision 5a488251) 
1---
2c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al.
3SPDX-License-Identifier: curl
4Title: CURLINFO_CERTINFO
5Section: 3
6Source: libcurl
7See-also:
8  - CURLINFO_CAPATH (3)
9  - curl_easy_getinfo (3)
10  - curl_easy_setopt (3)
11Protocol:
12  - TLS
13TLS-backend:
14  - OpenSSL
15  - GnuTLS
16  - Schannel
17  - Secure Transport
18Added-in: 7.19.1
19---
20
21# NAME
22
23CURLINFO_CERTINFO - get the TLS certificate chain
24
25# SYNOPSIS
26
27~~~c
28#include <curl/curl.h>
29
30CURLcode curl_easy_getinfo(CURL *handle, CURLINFO_CERTINFO,
31                           struct curl_certinfo **chainp);
32~~~
33
34# DESCRIPTION
35
36Pass a pointer to a *struct curl_certinfo ** and it is set to point to a
37struct that holds info about the server's certificate chain, assuming you had
38CURLOPT_CERTINFO(3) enabled when the request was made.
39
40~~~c
41struct curl_certinfo {
42  int num_of_certs;
43  struct curl_slist **certinfo;
44};
45~~~
46
47The *certinfo* struct member is an array of linked lists of certificate
48information. The *num_of_certs* struct member is the number of certificates
49which is the number of elements in the array. Each certificate's list has
50items with textual information in the format "name:content" such as
51"Subject:Foo", "Issuer:Bar", etc. The items in each list varies depending on
52the SSL backend and the certificate.
53
54# %PROTOCOLS%
55
56# EXAMPLE
57
58~~~c
59int main(void)
60{
61  CURL *curl = curl_easy_init();
62  if(curl) {
63    CURLcode res;
64    curl_easy_setopt(curl, CURLOPT_URL, "https://www.example.com/");
65
66    /* connect to any HTTPS site, trusted or not */
67    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYPEER, 0L);
68    curl_easy_setopt(curl, CURLOPT_SSL_VERIFYHOST, 0L);
69
70    curl_easy_setopt(curl, CURLOPT_CERTINFO, 1L);
71
72    res = curl_easy_perform(curl);
73
74    if(!res) {
75      int i;
76      struct curl_certinfo *ci;
77      res = curl_easy_getinfo(curl, CURLINFO_CERTINFO, &ci);
78
79      if(!res) {
80        printf("%d certs!\n", ci->num_of_certs);
81
82        for(i = 0; i < ci->num_of_certs; i++) {
83          struct curl_slist *slist;
84
85          for(slist = ci->certinfo[i]; slist; slist = slist->next)
86            printf("%s\n", slist->data);
87        }
88      }
89    }
90    curl_easy_cleanup(curl);
91  }
92}
93~~~
94
95See also the *certinfo.c* example.
96
97# HISTORY
98
99GnuTLS support added in 7.42.0. Schannel support added in 7.50.0. Secure
100Transport support added in 7.79.0. mbedTLS support added in 8.9.0.
101
102# %AVAILABILITY%
103
104# RETURN VALUE
105
106Returns CURLE_OK if the option is supported, and CURLE_UNKNOWN_OPTION if not.
107