#use wml::openssl-macros area=docs page=X509_verify_cert
X509_verify_cert - discover and verify X509 certificte chain
int X509_verify_cert(X509_STORE_CTX *ctx);
X509_verify_cert() function attempts to discover and
validate a certificate chain based on parameters in ctx. A complete description of the process is contained in the verify(1) manual page.
If a complete chain can be built and validated this function returns 1, otherwise it return zero, in exceptional circumstances it can also return a negative code.
If the function fails additional error information can be obtained by
examining ctx using, for example
Applications rarely call this function directly but it is used by OpenSSL internally for certificate validation, in both the S/MIME and SSL/TLS code.
The negative return value from
X509_verify_cert() can only
occur if no certificate is set in ctx (due to a programming error) or if a retry operation is requested during
internal lookups (which never happens with standard lookup methods). It is
however recommended that application check for <= 0 return value on
This function uses the header x509.h as opposed to most chain verification functiosn which use x509_vfy.h.
X509_verify_cert() is available in all versions of SSLeay and