X509_check_issued.3ssl man page

X509_check_issued — checks if certificate is issued by another certificate


#include <openssl/x509v3.h>
int X509_check_issued(X509 *issuer, X509 *subject);


This function checks if certificate subject was issued using CA certificate issuer. This function takes into account not only matching of issuer field of subject with subject field of issuer, but also compares authorityKeyIdentifier extension of subject with subjectKeyIdentifier of issuer if authorityKeyIdentifier present in the subject certificate and checks keyUsage field of issuer.

Return Value

Function return X509_V_OK if certificate subject is issued by issuer or some X509_V_ERR* constant to indicate an error.

See Also

X509_verify_cert(3), X509_check_ca(3), verify(1)