Gets the certificate data for the certificates that the peer sent.
Package: comm
ssl-connection-get-peer-certificates-data ssl-connection => certificates-data
ssl-connection: An SSL connection (socket-stream or async-io-state).
certificates-data: A list of certificate data.
The function ssl-connection-get-peer-certificates-data returns a list of certificate data for the certificates that the peer of ssl-connection sent. ssl-connection must be an SSL connection (a socket-stream or an async-io-state) that has SSL attached to it.
If the peer did not send any certificates, then ssl-connection-get-peer-certificates-data returns nil.
Each element in certificates-data contains the data for one certificate as a list of lists, where each element of the inner lists is of the form:
(keyword value)
keyword specifies the field in the certificate, and value its value. The keywords that appear in the data vary between SSL implementations. The keywords that are common to all implementations are:
:subject-common-name    A string: the common name of the subject of the certificate.
:serial-number          An integer: the serial number of the certificate.
See get-certificate-data for more details.
The certificates are ordered from the leaf to the root, so in a proper chain the first certificate is the certificate of the peer, and the last one is the certificate of the root Certificate Authority.
If you need details from the certificates that are not returned by ssl-connection-get-peer-certificates-data, then you can use ssl-connection-copy-peer-certificates, though it is more complex to use.
ssl-connection-get-peer-certificates-data does not work on streams that use Java sockets (opened by open-tcp-stream-using-java), and returns nil for such streams. You need to use ssl-connection-copy-peer-certificates for such streams.
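One way to consume the returned data, as an added example that is not part of the LispWorks manual: it checks the leaf certificate's common name and serial number against expected values and treats nil as a failure, since nil can mean either that no certificates were sent or that the stream uses Java sockets. The helper names (cert-field, chain-summary, check-peer-chain, check-ssl-peer) and the sample chain are constructed for illustration, and the code assumes each certificate's data is a flat list of (keyword value) entries.

```lisp
;;; Added example (not from the LispWorks manual). Assumes each certificate's
;;; data is a flat list of (keyword value) entries, as described above.

(defun cert-field (certificate-data keyword)
  "Return the value stored under KEYWORD in one certificate's data, or NIL."
  (second (assoc keyword certificate-data)))

(defun chain-summary (certificates-data)
  "Return (common-name serial-number) per certificate, leaf first, for logging."
  (mapcar (lambda (cert)
            (list (cert-field cert :subject-common-name)
                  (cert-field cert :serial-number)))
          certificates-data))

(defun check-peer-chain (certificates-data expected-name allowed-serials)
  "Return (values ok-p reason) for the leaf certificate. Fails closed on NIL,
which means either no certificates were sent or a Java-socket stream."
  (let* ((leaf (first certificates-data))
         (name (cert-field leaf :subject-common-name)))
    (cond ((null certificates-data)
           (values nil :no-certificate-data))
          ((not (and (stringp name) (string-equal name expected-name)))
           (values nil :common-name-mismatch))
          ((not (member (cert-field leaf :serial-number) allowed-serials))
           (values nil :serial-not-allowed))
          (t (values t :ok)))))

;; LispWorks only: apply the check to a live SSL connection.
#+lispworks
(defun check-ssl-peer (ssl-connection expected-name allowed-serials)
  (check-peer-chain
   (comm:ssl-connection-get-peer-certificates-data ssl-connection)
   expected-name allowed-serials))

;; Constructed sample chain, ordered leaf to root; all values are made up.
(defparameter *sample-chain*
  '(((:subject-common-name "db.internal.example") (:serial-number 4097))
    ((:subject-common-name "Example Issuing CA") (:serial-number 12))
    ((:subject-common-name "Example Root CA") (:serial-number 1))))

(print (chain-summary *sample-chain*))
(print (multiple-value-list
        (check-peer-chain *sample-chain* "db.internal.example" '(4097))))
(print (multiple-value-list
        (check-peer-chain nil "db.internal.example" '(4097))))
```

This check only reads fields from what the peer sent; it does not verify signatures or the chain itself, which remains the job of the SSL verification settings on the connection.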
LispWorks® User Guide and Reference Manual - 01 Dec 2021 19:30:26