gnutls_ocsp_req_get_cert_id — API function


#include <gnutls/ocsp.h>

int gnutls_ocsp_req_get_cert_id(gnutls_ocsp_req_t req, unsigned indx, gnutls_digest_algorithm_t * digest, gnutls_datum_t * issuer_name_hash, gnutls_datum_t * issuer_key_hash, gnutls_datum_t * serial_number);


gnutls_ocsp_req_t req

should contain a gnutls_ocsp_req_t type

unsigned indx

Specifies which extension OID to get. Use (0) to get the first one.

gnutls_digest_algorithm_t * digest

output variable with gnutls_digest_algorithm_t hash algorithm

gnutls_datum_t * issuer_name_hash

output buffer with hash of issuer's DN

gnutls_datum_t * issuer_key_hash

output buffer with hash of issuer's public key

gnutls_datum_t * serial_number

output buffer with serial number of certificate to check


This function will return the certificate information of the
indx 'ed request in the OCSP request.  The information returned corresponds to the CertID structure:

<informalexample><programlisting> CertID  ::=     SEQUENCE { hashAlgorithm       AlgorithmIdentifier, issuerNameHash      OCTET STRING, -- Hash of Issuer's DN issuerKeyHash       OCTET STRING, -- Hash of Issuers public key serialNumber CertificateSerialNumber } </programlisting></informalexample>

Each of the pointers to output variables may be NULL to indicate that the caller is not interested in that value.


On success, GNUTLS_E_SUCCESS (0) is returned, otherwise a negative error code is returned.  If you have reached the last CertID available GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.

Reporting Bugs

Report bugs to <>.
Home page:

See Also

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit


3.6.9 gnutls