X509_check_issued.3ssl man page
X509_check_issued — checks if certificate is issued by another certificate
#include <openssl/x509v3.h> int X509_check_issued(X509 *issuer, X509 *subject);
This function checks if certificate subject was issued using CA certificate issuer. This function takes into account not only matching of issuer field of subject with subject field of issuer, but also compares authorityKeyIdentifier extension of subject with subjectKeyIdentifier of issuer if authorityKeyIdentifier present in the subject certificate and checks keyUsage field of issuer.
Function return X509_V_OK if certificate subject is issued by issuer or some X509_V_ERR* constant to indicate an error.
X509_verify_cert(3), X509_check_ca(3), verify(1)
Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
Licensed under the OpenSSL license (the "License"). You may not use this file except in compliance with the License. You can obtain a copy in the file LICENSE in the source distribution or at <https://www.openssl.org/source/license.html>.