I have a note from 2017 in my code to the effect that SSL_get_certificate() is broken in that it returns the last cert loaded rather than the one passed out to the client (on the server).
Is this still the case? I can't track down any obvious fix in the OpenSSL git. I'd like to use it to pick the right stapling to use, in a dual RSA/EC server cert installation. -- Cheers, Jeremy
