SSL_CTX_set_verify.pod - OpenGrok cross reference for /freebsd-src/crypto/openssl/doc/man3/SSL_CTX_set

Lines Matching full:verification
12 - set various SSL/TLS parameters for peer certificate verification
33 SSL_CTX_set_verify() sets the verification flags for B<ctx> to be B<mode> and
37 SSL_set_verify() sets the verification flags for B<ssl> to be B<mode> and
45 of the current SSL object that is doing the verification.
50 This would be typically done in case the certificate verification was not yet
55 information needed for the verification.
57 server certificate verification step.
63 verification that shall be allowed for B<ctx>.
66 verification that shall be allowed for B<ssl>.
81 The verification of certificates can be controlled by a set of logically
93 certificate verification process can be checked after the TLS/SSL handshake
95 The handshake will be continued regardless of the verification result.
100 The certificate returned (if any) is checked. If the verification process
103 the verification failure.
108 B<Client mode:> the server certificate is verified. If the verification process
111 the verification failure. If no server certificate is sent, because an
137 to be configured for post-handshake peer verification before the
147 If verification flags are not modified explicitly by C<SSL_CTX_set_verify()>
150 The actual verification procedure is performed either using the built-in
151 verification procedure or using another application provided verification
175 receives two arguments: B<preverify_ok> indicates, whether the verification of
178 for the certificate chain verification.
183 a verification error is found, the error number is stored in B<x509_ctx>
191 verification process. If B<verify_callback> returns 0, the verification
192 process is immediately stopped with "verification failed" state. If
193 SSL_VERIFY_PEER is set, a verification failure alert is sent to the peer and
195 the verification process is continued. If B<verify_callback> always returns
196 1, the TLS/SSL handshake will not be terminated with respect to verification
198 however retrieve the error code of the last verification error using
203 Its return value is identical to B<preverify_ok>, so that any verification
239 that will always continue the TLS/SSL handshake regardless of verification
240 failure, if wished. The callback realizes a verification depth limit with
243 All verification errors are printed; information about the certificate chain
305       * At this point, err contains the last verification error. We can use