X509_STORE_CTX_get_error.pod - OpenGrok cross reference for /openssl-master/doc/man3/X509_STORE_CTX_get

Lines Matching refs:certificate
9 X509_verify_cert_error_string - get or set certificate verification status
30 These functions are typically called after certificate or chain verification
44 nonnegative integer representing where in the certificate chain the error
45 occurred. If it is zero it occurred in the end entity certificate, one if
46 it is the certificate which signed the end entity certificate and so on.
52 X509_STORE_CTX_get_current_cert() returns the certificate in I<ctx> which
53 caused the error or NULL if no certificate is relevant.
55 X509_STORE_CTX_set_current_cert() sets the certificate I<x> in I<ctx> which
62 If a callback wishes the save the certificate for use after it returns, it
64 Once such a I<saved> certificate is no longer needed it can be freed with
68 certificate being verified by the I<ctx>.
86 X509_STORE_CTX_get_current_cert() returns the certificate which caused the
87 error or NULL if no certificate is relevant to the error.
104 =item B<X509_V_ERR_UNSPECIFIED: unspecified certificate verification error>
108 =item B<X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT: unable to get issuer certificate>
110 The issuer certificate of a locally looked up certificate could not be found.
112 To allow any certificate (not only a self-signed one) in the trust store
115 =item B<X509_V_ERR_UNABLE_TO_GET_CRL: unable to get certificate CRL>
117 The CRL of a certificate could not be found.
120 unable to decrypt certificate's signature>
122 The certificate signature could not be decrypted. This means that the actual
136 The public key in the certificate C<SubjectPublicKeyInfo> field could
139 =item B<X509_V_ERR_CERT_SIGNATURE_FAILURE: certificate signature failure>
141 The signature of the certificate is invalid.
147 =item B<X509_V_ERR_CERT_NOT_YET_VALID: certificate is not yet valid>
149 The certificate is not yet valid: the C<notBefore> date is after the
152 =item B<X509_V_ERR_CERT_HAS_EXPIRED: certificate has expired>
154 The certificate has expired: that is the C<notAfter> date is before the
166 format error in certificate's notBefore field>
168 The certificate C<notBefore> field contains an invalid time.
171 format error in certificate's notAfter field>
173 The certificate C<notAfter> field contains an invalid time.
189 =item B<X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT: self-signed certificate>
191 The passed certificate is self-signed and the same certificate cannot be found
195 self-signed certificate in certificate chain>
197 The certificate chain could be built up using the untrusted certificates
198 but no suitable trust anchor (which typically is a self-signed root certificate)
202 unable to get local issuer certificate>
204 The issuer certificate could not be found: this occurs if the issuer certificate
205 of an untrusted certificate cannot be found.
208 unable to verify the first certificate>
210 No signatures could be verified because the chain contains only one certificate
213 =item B<X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long>
215 The certificate chain length is greater than the supplied maximum depth. Unused.
217 =item B<X509_V_ERR_CERT_REVOKED: certificate revoked>
219 The certificate has been revoked.
221 =item B<X509_V_ERR_INVALID_CA: invalid CA certificate>
223 A CA certificate is invalid. Either it is not a CA or its extensions are not
230 =item B<X509_V_ERR_INVALID_PURPOSE: unsupported certificate purpose>
232 The target certificate cannot be used for the specified purpose.
234 =item B<X509_V_ERR_CERT_UNTRUSTED: certificate not trusted>
238 =item B<X509_V_ERR_CERT_REJECTED: certificate rejected>
244 The current candidate issuer certificate was rejected because its subject name
245 did not match the issuer name of the current certificate.
250 The current candidate issuer certificate was rejected because its subject key
252 certificate.
257 The current candidate issuer certificate was rejected because its issuer name
259 the current certificate.
262 key usage does not include certificate signing>
264 The current candidate issuer certificate was rejected because its C<keyUsage>
265 extension does not permit certificate signing.
268 invalid or inconsistent certificate extension>
270 A certificate extension had an invalid value (for example an incorrect
274 invalid or inconsistent certificate policy extension>
276 A certificate policies extension had an invalid value (for example an incorrect
287 The only CRLs that could be found did not match the scope of the certificate.
291 Some feature of a certificate extension is not supported. Unused.
304 A certificate name constraints extension included a minimum or maximum field:
330 =item B<X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER: unable to get CRL issuer certificate>
332 Unable to get CRL issuer certificate.
346 =item B<X509_V_ERR_INVALID_NON_CA: invalid non-CA certificate (has CA markings)>
348 Invalid non-CA certificate has CA markings.
391 certificate chain.
394 =item B<X509_V_ERR_EE_KEY_TOO_SMALL: EE certificate key too weak>
396 EE certificate key too weak.
398 =item B<X509_V_ERR_CA_KEY_TOO_SMALL: CA certificate key too weak>
400 CA certificate key too weak.
406 =item B<X509_V_ERR_INVALID_CALL: invalid certificate verification context>
408 Invalid certificate verification context.
410 =item B<X509_V_ERR_STORE_LOOKUP: issuer certificate lookup error>
412 Issuer certificate lookup error.
414 =item B<X509_V_ERR_NO_VALID_SCTS: certificate transparency required, but no valid SCTs found>
432 Returned by the verify callback to indicate that the certificate is not
435 =item B<X509_V_ERR_NO_ISSUER_PUBLIC_KEY: issuer certificate doesn't have a public key>
437 The issuer certificate does not have a public key.
442 the subject's certificate.
451 In versions of OpenSSL before 1.0 the current certificate returned by
454 to the current certificate.