Updated: 2022/Sep/29

Please read Privacy Policy. It's for your privacy.

OCSP_REQUEST_new(3)                 OpenSSL                OCSP_REQUEST_new(3)

       OCSP_REQUEST_new, OCSP_REQUEST_free, OCSP_request_add0_id,
       OCSP_request_sign, OCSP_request_add1_cert, OCSP_request_onereq_count,
       OCSP_request_onereq_get0 - OCSP request functions

       libcrypto, -lcrypto

        #include <openssl/ocsp.h>

        OCSP_REQUEST *OCSP_REQUEST_new(void);
        void OCSP_REQUEST_free(OCSP_REQUEST *req);

        OCSP_ONEREQ *OCSP_request_add0_id(OCSP_REQUEST *req, OCSP_CERTID *cid);

        int OCSP_request_sign(OCSP_REQUEST *req,
                              X509 *signer, EVP_PKEY *key, const EVP_MD *dgst,
                              STACK_OF(X509) *certs, unsigned long flags);

        int OCSP_request_add1_cert(OCSP_REQUEST *req, X509 *cert);

        int OCSP_request_onereq_count(OCSP_REQUEST *req);
        OCSP_ONEREQ *OCSP_request_onereq_get0(OCSP_REQUEST *req, int i);

       OCSP_REQUEST_new() allocates and returns an empty OCSP_REQUEST

       OCSP_REQUEST_free() frees up the request structure req.

       OCSP_request_add0_id() adds certificate ID cid to req. It returns the
       OCSP_ONEREQ structure added so an application can add additional
       extensions to the request. The id parameter MUST NOT be freed up after
       the operation.

       OCSP_request_sign() signs OCSP request req using certificate signer,
       private key key, digest dgst and additional certificates certs. If the
       flags option OCSP_NOCERTS is set then no certificates will be included
       in the request.

       OCSP_request_add1_cert() adds certificate cert to request req. The
       application is responsible for freeing up cert after use.

       OCSP_request_onereq_count() returns the total number of OCSP_ONEREQ
       structures in req.

       OCSP_request_onereq_get0() returns an internal pointer to the
       OCSP_ONEREQ contained in req of index i. The index value i runs from 0
       to OCSP_request_onereq_count(req) - 1.

       OCSP_REQUEST_new() returns an empty OCSP_REQUEST structure or NULL if
       an error occurred.

       OCSP_request_add0_id() returns the OCSP_ONEREQ structure containing cid
       or NULL if an error occurred.

       OCSP_request_sign() and OCSP_request_add1_cert() return 1 for success
       and 0 for failure.

       OCSP_request_onereq_count() returns the total number of OCSP_ONEREQ
       structures in req.

       OCSP_request_onereq_get0() returns a pointer to an OCSP_ONEREQ
       structure or NULL if the index value is out or range.

       An OCSP request structure contains one or more OCSP_ONEREQ structures
       corresponding to each certificate.

       OCSP_request_onereq_count() and OCSP_request_onereq_get0() are mainly
       used by OCSP responders.

       Create an OCSP_REQUEST structure for certificate cert with issuer

        OCSP_REQUEST *req;
        OCSP_ID *cid;

        req = OCSP_REQUEST_new();
        if (req == NULL)
           /* error */
        cid = OCSP_cert_to_id(EVP_sha1(), cert, issuer);
        if (cid == NULL)
           /* error */

        if (OCSP_REQUEST_add0_id(req, cid) == NULL)
           /* error */

        /* Do something with req, e.g. query responder */


       crypto(7), OCSP_cert_to_id(3), OCSP_request_add1_nonce(3),
       OCSP_resp_find_status(3), OCSP_response_status(3), OCSP_sendreq_new(3)

       Copyright 2015-2019 The OpenSSL Project Authors. All Rights Reserved.

       Licensed under the OpenSSL license (the "License").  You may not use
       this file except in compliance with the License.  You can obtain a copy
       in the file LICENSE in the source distribution or at

1.1.1i                            2020-01-23               OCSP_REQUEST_new(3)