|X509_CHECK_CA(3)||Library Functions Manual||X509_CHECK_CA(3)|
check whether a certificate is a CA certificate
function checks whether the given certificate is a CA certificate, that is,
whether it can be used to sign other certificates.
If cert is a CA certificate, a non-zero value is returned; 0 otherwise.
The following return values identify specific kinds of CA certificates:
X509_check_ca() first appeared in OpenSSL
0.9.7f and has been available since OpenBSD 3.8.
X509_check_ca() fails to cache X509v3
extension values, the return value may be incorrect. An application should
with a purpose argument of -1, ensuring that the
X509v3 extensions are cached, before calling
|May 10, 2022||OpenBSD-current|