or null. Use [gobject.object.ObjectWrap.unref] to release the certificate.
TlsDatabase.lookupCertificateIssuer
gio.tls_certificate.TlsCertificate lookupCertificateIssuer(gio.tls_certificate.TlsCertificate certificate, gio.tls_interaction.TlsInteraction interaction, gio.types.TlsDatabaseLookupFlags flags, gio.cancellable.Cancellable cancellable = null)Look up the issuer of certificate in the database. The #GTlsCertificate:issuer property of certificate is not modified, and the two certificates are not hooked into a chain.
This function can block. Use [gio.tls_database.TlsDatabase.lookupCertificateIssuerAsync] to perform the lookup operation asynchronously.
Beware this function cannot be used to build certification paths. The issuer certificate returned by this function may not be the same as the certificate that would actually be used to construct a valid certification path during certificate verification.
RFC 4158 explainswhy an issuer certificate cannot be naively assumed to be part of the the certification path (though GLib's TLS backends may not follow the path building strategies outlined in this RFC). Due to the complexity of certification path building, GLib does not provide any way to know which certification path will actually be used when verifying a TLS certificate. Accordingly, this function cannot be used to make security-related decisions. Only GLib itself should make security decisions about TLS certificates.
Parameters
certificate | a #GTlsCertificate |
interaction | used to interact with the user if necessary |
flags | flags which affect the lookup operation |
cancellable | a #GCancellable, or null |
Returns
a newly allocated issuer #GTlsCertificate,
Throws
[ErrorWrap]