gnutls_certificate_expiration_time_peers - Linux


gnutls_certificate_expiration_time_peers retrieves the expiration time of the certificate chain for the server on the established connection. It is a TLS library function that verifies the server certificate and checks if it has expired or not.


gnutls_certificate_expiration_time_peers(gnutls_session_t session) -> time_t




To check the expiration time of the server certificate, use the following code:

#include <gnutls/gnutls.h>

time_t expiration_time;

gnutls_session_t session;
gnutls_init(&session, GNUTLS_CLIENT);

if (gnutls_certificate_expiration_time_peers(session, &expiration_time) == 0) {
  printf("Server certificate expires at: %s", ctime(&expiration_time));
} else {
  printf("Error retrieving certificate expiration time.");


Common Issues

  • If the server certificate is invalid or has expired, the function will return a negative value.
  • If the server does not provide a certificate, the function will return GNUTLS_E_NO_CERTIFICATE.


This function can be used in conjunction with other GnuTLS functions to verify the server certificate and check its validity.

Related Commands

  • gnutls_certificate_verify_peers2: Verifies the server certificate and checks its validity.
  • gnutls_session_init: Initializes a TLS session.