cowboy_req:cert - Client TLS certificate


cert(Req :: cowboy_req:req()) -> binary() | undefined

Return the peer's TLS certificate.

Using the default configuration this function will always return undefined. You need to explicitly configure Cowboy to request the client certificate. To do this you need to set the verify transport option to verify_peer:

{ok, _} = cowboy:start_tls(example, [
    {port, 8443},
    {certfile, "path/to/cert.pem"},
    {verify, verify_peer}
], #{
    env => #{dispatch => Dispatch}

You may also want to customize the verify_fun function. Please consult the ssl application's manual for more details.

TCP connections do not allow a certificate and this function will therefore always return undefined.

The certificate can also be obtained using pattern matching:

#{cert := Cert} = Req.



The Req object.

Return value

The client TLS certificate.


  • 2.1: Function introduced.


Get the client TLS certificate.
Cert = cowboy_req:cert(Req).

See also

cowboy_req(3), cowboy_req:peer(3), cowboy_req:sock(3)

Cowboy 2.7 Function Reference


Version select

Like my work? Donate!

Donate to Loïc Hoguin because his work on Cowboy, Ranch, Gun and is fantastic:

Recurring payment options are also available via GitHub Sponsors. These funds are used to cover the recurring expenses like food, dedicated servers or domain names.