Your company here — click to reach over 10,000 unique daily visitors

gnutls_x509_crt_get_basic_constraints - Man Page

API function


#include <gnutls/x509.h>

int gnutls_x509_crt_get_basic_constraints(gnutls_x509_crt_t cert, unsigned int * critical, unsigned int * ca, int * pathlen);


gnutls_x509_crt_t cert

should contain a gnutls_x509_crt_t type

unsigned int * critical

will be non-zero if the extension is marked as critical

unsigned int * ca

pointer to output integer indicating CA status, may be NULL, value is 1 if the certificate CA flag is set, 0 otherwise.

int * pathlen

pointer to output integer indicating path length (may be NULL), non-negative error codes indicate a present pathLenConstraint field and the actual value, -1 indicate that the field is absent.


This function will read the certificate's basic constraints, and return the certificates CA status.  It reads the basicConstraints X.509 extension (


If the certificate is a CA a positive value will be returned, or (0) if the certificate does not have CA flag set.  A negative error code may be returned in case of errors.  If the certificate does not contain the basicConstraints extension GNUTLS_E_REQUESTED_DATA_NOT_AVAILABLE will be returned.

Reporting Bugs

Report bugs to <bugs@gnutls.org>.
Home page: https://www.gnutls.org

See Also

The full documentation for gnutls is maintained as a Texinfo manual. If the /usr/share/doc/gnutls/ directory does not contain the HTML form visit



3.8.6 gnutls