DragonFly On-Line Manual Pages

Search: Section:  

X509_CHECK_CA(3)      DragonFly Library Functions Manual      X509_CHECK_CA(3)


NAME

     X509_check_ca -- check whether a certificate is a CA certificate


SYNOPSIS

     #include <openssl/x509v3.h>

     int
     X509_check_ca(X509 *cert);


DESCRIPTION

     This function checks whether the given certificate is a CA certificate,
     that is, whether it can be used to sign other certificates.


RETURN VALUES

     This functions returns non-zero if cert is a CA certificate or 0 other-
     wise.

     The following return values identify specific kinds of CA certificates:

     1	 an X.509 v3 CA certificate with basicConstraints extension CA:TRUE

     3	 a self-signed X.509 v1 certificate

     4	 a certificate with keyUsage extension with bit keyCertSign set, but
	 without basicConstraints

     5	 a certificate with an outdated Netscape Certificate Type extension
	 telling that it is a CA certificate


SEE ALSO

     X509_check_issued(3), X509_verify_cert(3)


HISTORY

     X509_check_ca() first appeared in OpenSSL 0.9.7f and has been available
     since OpenBSD 3.8.

DragonFly 5.5			March 22, 2018			 DragonFly 5.5

Search: Section: