connected peer. If the result is an empty list then the
SSL handshake has not yet completed.
If <em>-local</em> is given, then the certificate information
is the one used locally.</dd>
<blockquote>
<dl>
<dt><strong>version</strong> <em>value</em></dt>
<dd>The certification version</dd>
<dt><strong>signature_algorithm</strong> <em>algorithm</em></dt>
<dd>Cipher algorithm used for certificate signature.</dd>
<dt><strong>digest</strong> <em>version</em></dt>
<dd>Certificate signature digest.</dd>
<dt><strong>public_key_algorithm</strong> <em>algorithm</em></dt>
<dd>Certificate signature public key algorithm.</dd>
<dt><strong>issuer</strong> <em>dn</em></dt>
<dd>The distinguished name (DN) of the certificate
issuer.</dd>
<dt><strong>bits</strong> <em>n</em></dt>
<dd>Number of bits used for certificate signature key</dd>
<dt><strong>self_signed</strong> <em>boolean</em></dt>
<dd>Is certificate signature self signed.</dd>
<dt><strong>sha1_hash</strong> <em>hash</em></dt>
<dd>The SHA1 hash of the certificate.</dd>
<dt><strong>sha256_hash</strong> <em>hash</em></dt>
<dd>The SHA256 hash of the certificate.</dd>
<dt><strong>subject</strong> <em>dn</em></dt>
<dd>The distinguished name (DN) of the certificate
subject.</dd>
<dd>The distinguished name (DN) of the certificate subject.</dd>
<dt><strong>issuer</strong> <em>dn</em></dt>
<dd>The distinguished name (DN) of the certificate issuer.</dd>
<dt><strong>notBefore</strong> <em>date</em></dt>
<dd>The begin date for the validity of the certificate.</dd>
<dt><strong>notAfter</strong> <em>date</em></dt>
<dd>The expiry date for the certificate.</dd>
<dt><strong>serial</strong> <em>n</em></dt>
<dd>The serial number of the certificate.</dd>
<dt><strong>certificate</strong> <em>cert</em></dt>
<dd>The PEM encoded certificate.</dd>
<dt><strong>num_extensions</strong> <em>n</em></dt>
<dd>Number of certificate extensions.</dd>
<dt><strong>extensions</strong> <em>list</em></dt>
<dd>List of certificate extension names.</dd>
<dt><strong>peername</strong> <em>name</em></dt>
<dd>The peername from the certificate.</dd>
<dt><strong>sbits</strong> <em>n</em></dt>
<dd>The number of bits used for the session key.</dd>
<dt><strong>cipher</strong> <em>cipher</em></dt>
<dd>The current cipher in use between the client and
server channels.</dd>
<dt><strong>sbits</strong> <em>n</em></dt>
<dd>The number of bits used for the session key.</dd>
<dt><strong>certificate</strong> <em>cert</em></dt>
<dd>The PEM encoded certificate.</dd>
<dt><strong>sha1_hash</strong> <em>hash</em></dt>
<dd>The SHA1 hash of the certificate.</dd>
<dt><strong>sha256_hash</strong> <em>hash</em></dt>
<dd>The SHA256 hash of the certificate.</dd>
<dt><strong>validation</strong> <em>result</em></dt>
<dd>Certificate validation result.</dd>
<dt><strong>alpn</strong> <em>protocol</em></dt>
<dd>The protocol selected after Application-Layer Protocol
Negotiation (ALPN).</dd>
<dt><strong>version</strong> <em>value</em></dt>
<dt><strong>protocol</strong> <em>value</em></dt>
<dd>The protocol version used for the connection:
SSLv2, SSLv3, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3, or unknown</dd>
</dl>
</blockquote>
<dt><a name="tls::connection"><strong>tls::connection</strong>
<em>channel</em></a></dt>
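Review bot: The version key appears twice in this key list, once at the top as "The certification version" and again directly above protocol, where the two share the description "The protocol version used for the connection". If version is being renamed to protocol, say so explicitly, because a script that reads version to enforce a minimum TLS version would otherwise be comparing against the certificate version. The validation entry reads only "Certificate validation result." and names no possible values, so a caller cannot tell which result means the peer certificate verified; list the values or say where they are defined. Smaller points in the same list: the digest entry uses the placeholder "version" where an algorithm name seems meant, "certification version" should read "certificate version", and sha1_hash and sha256_hash are documented side by side with no word on which one callers should compare against.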
|
<dd>
This form of callback is invoked when the server receives the SNI
header from the client where <i>servername</i> is the client
specified servername. Used to allow multiple names for
same server so the right certificate can be used.
</dd>
<br>
<br>
<dt>
<strong>verify</strong> <em>channel depth cert status error</em>
</dt>
<dd>
This form of callback is invoked by the OpenSSL function
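Review bot: The SNI callback description stops at "so the right certificate can be used" without saying what the callback has to return or do for that certificate to be selected; document the expected return value and what happens when the client-specified servername is not one the server recognises. "for same server" also needs an article, and the two br elements between the closing dd and the next dt sit where a definition list takes only dt and dd children, so the spacing is better handled in the stylesheet.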
|