gnutls_certificate_get_peers man page

gnutls_certificate_get_peers — API function


#include <gnutls/gnutls.h>

const gnutls_datum_t * gnutls_certificate_get_peers(gnutls_session_t          session, unsigned int * list_size);


gnutls_session_t          session

is a gnutls session

unsigned int * list_size

is the length of the certificate list (may be NULL)


Get the peer's raw certificate (chain) as sent by the peer.  These certificates are in raw format (DER encoded for X.509).  In case of a X.509 then a certificate list may be present.  The list is provided as sent by the server; the server must send as first certificate in the list its own certificate, following the issuer's certificate, then the issuer's issuer etc. However, there are servers which violate this principle and thus on certain occasions this may be an unsorted list.

In case of OpenPGP keys a single key will be returned in raw format.


a pointer to a gnutls_datum_t containing the peer's certificates, or NULL in case of an error or if no certificate was used.

Reporting Bugs

Report bugs to <>.
Home page:

See Also

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit


3.5.9 gnutls