1=pod 2 3=head1 NAME 4 5X509_verify_cert - discover and verify X509 certificate chain 6 7=head1 SYNOPSIS 8 9 #include <openssl/x509.h> 10 11 int X509_verify_cert(X509_STORE_CTX *ctx); 12 13=head1 DESCRIPTION 14 15The X509_verify_cert() function attempts to discover and validate a 16certificate chain based on parameters in B<ctx>. A complete description of 17the process is contained in the L<verify(1)> manual page. 18 19=head1 RETURN VALUES 20 21If a complete chain can be built and validated this function returns 1, 22otherwise it return zero, in exceptional circumstances it can also 23return a negative code. 24 25If the function fails additional error information can be obtained by 26examining B<ctx> using, for example X509_STORE_CTX_get_error(). 27 28=head1 NOTES 29 30Applications rarely call this function directly but it is used by 31OpenSSL internally for certificate validation, in both the S/MIME and 32SSL/TLS code. 33 34A negative return value from X509_verify_cert() can occur if it is invoked 35incorrectly, such as with no certificate set in B<ctx>, or when it is called 36twice in succession without reinitialising B<ctx> for the second call. 37A negative return value can also happen due to internal resource problems or if 38a retry operation is requested during internal lookups (which never happens 39with standard lookup methods). 40Applications must check for <= 0 return value on error. 41 42=head1 BUGS 43 44This function uses the header B<x509.h> as opposed to most chain verification 45functions which use B<x509_vfy.h>. 46 47=head1 SEE ALSO 48 49L<X509_STORE_CTX_get_error(3)> 50 51=head1 COPYRIGHT 52 53Copyright 2009-2016 The OpenSSL Project Authors. All Rights Reserved. 54 55Licensed under the OpenSSL license (the "License"). You may not use 56this file except in compliance with the License. You can obtain a copy 57in the file LICENSE in the source distribution or at 58L<https://www.openssl.org/source/license.html>. 59 60=cut 61