| ︙ | | |
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
|
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
|
+
+
-
+
-
+
+
+
-
+
|
connected peer. If the result is an empty list then the
SSL handshake has not yet completed.
If <em>-local</em> is given, then the certificate information
is the one used locally.</dd>
<blockquote>
<dl>
<dt><strong>all</strong> <em>string</em></dt>
<dd>Dump of all certificate data.</dd>
<dt><strong>version</strong> <em>value</em></dt>
<dd>The certification version</dd>
<dt><strong>signature_algorithm</strong> <em>algorithm</em></dt>
<dt><strong>signatureAlgorithm</strong> <em>algorithm</em></dt>
<dd>Cipher algorithm used for certificate signature.</dd>
<dt><strong>digest</strong> <em>version</em></dt>
<dd>Certificate signature digest.</dd>
<dt><strong>public_key_algorithm</strong> <em>algorithm</em></dt>
<dt><strong>publicKeyAlgorithm</strong> <em>algorithm</em></dt>
<dd>Certificate signature public key algorithm.</dd>
<dt><strong>publicKey</strong> <em>string</em></dt>
<dd>Certificate signature public key.</dd>
<dt><strong>bits</strong> <em>n</em></dt>
<dd>Number of bits used for certificate signature key</dd>
<dt><strong>self_signed</strong> <em>boolean</em></dt>
<dd>Is certificate signature self signed.</dd>
<dt><strong>sha1_hash</strong> <em>hash</em></dt>
<dd>The SHA1 hash of the certificate.</dd>
<dt><strong>sha256_hash</strong> <em>hash</em></dt>
<dd>The SHA256 hash of the certificate.</dd>
<dt><strong>subject</strong> <em>dn</em></dt>
<dd>The distinguished name (DN) of the certificate subject.</dd>
<dt><strong>issuer</strong> <em>dn</em></dt>
<dd>The distinguished name (DN) of the certificate issuer.</dd>
<dt><strong>notBefore</strong> <em>date</em></dt>
<dd>The begin date for the validity of the certificate.</dd>
<dt><strong>notAfter</strong> <em>date</em></dt>
<dd>The expiry date for the certificate.</dd>
<dt><strong>serial</strong> <em>n</em></dt>
<dt><strong>serialNumber</strong> <em>n</em></dt>
<dd>The serial number of the certificate.</dd>
<dt><strong>certificate</strong> <em>cert</em></dt>
<dd>The PEM encoded certificate.</dd>
<dt><strong>num_extensions</strong> <em>n</em></dt>
<dd>Number of certificate extensions.</dd>
<dt><strong>extensions</strong> <em>list</em></dt>
<dd>List of certificate extension names.</dd>
|
| ︙ | | |
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
|
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
|
-
-
+
+
+
+
+
|
<dd>Certificate verification result.</dd>
<dt><strong>alpn</strong> <em>protocol</em></dt>
<dd>The protocol selected after Application-Layer Protocol
Negotiation (ALPN).</dd>
<dt><strong>protocol</strong> <em>value</em></dt>
<dd>The protocol version used for the connection:
SSLv2, SSLv3, TLSv1, TLSv1.1, TLSv1.2, TLSv1.3, or unknown</dd>
<dt><strong>signature_hash</strong> <em>string</em></dt>
<dd>The signature hash value.</dd>
<dt><strong>signatureHashAlgorithm</strong> <em>string</em></dt>
<dd>The signature hash algorithm.</dd>
<dt><strong>signature_type</strong> <em>type</em></dt>
<dd>The signature type value.</dd>
<dt><strong>subjectAltName</strong> <em>list</em></dt>
<dd>List of all of the alternative domain names, sub domains,
and IP addresses that are secured by the certificate.</dd>
<dt><strong>ca_names</strong> <em>list</em></dt>
<dd>List of the Certificate Authorities used to create the certificate.</dd>
</dl>
</blockquote>
<dt><a name="tls::connection"><strong>tls::connection</strong>
<em>channel</em></a></dt>
|
| ︙ | | |
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
|
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
|
-
+
|
<dd>State of the connection.</dd>
<dt><strong>servername</strong> <em>name</em></dt>
<dd>The name of the connected to server.</dd>
<dt><strong>protocol</strong> <em>version</em></dt>
<dd>The protocol version used for the connection:
SSL2, SSL3, TLS1, TLS1.1, TLS1.2, TLS1.3, or unknown.</dd>
<dt><strong>renegotiation</strong> <em>state</em></dt>
<dd>Whether protocol renegotiation is allowed or disallowed.</dd>
<dd>Whether protocol renegotiation is supported or not.</dd>
<dt><strong>securitylevel</strong> <em>level</em></dt>
<dd>The security level used for selection of ciphers, key size, etc.</dd>
<dt><strong>session_reused</strong> <em>boolean</em></dt>
<dd>Whether the session has been reused or not.</dd>
<dt><strong>is_server</strong> <em>boolean</em></dt>
<dd>Whether the connection configured as a server or client (false).</dd>
<dt><strong>cipher</strong> <em>cipher</em></dt>
|
| ︙ | | |
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
|
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
|
-
-
+
|
<br>
The <em>status</em> argument is an integer representing the
current validity of the certificate.
A value of <code>0</code> means the certificate is deemed invalid.
A value of <code>1</code> means the certificate is deemed valid.
<br>
The <em>error</em> argument supplies the message, if any, generated
by
<code>X509_STORE_CTX_get_error()</code>.
|
| ︙ | | |