=pod=head1 NAMEX509_check_ca - check if given certificate is CA certificate=head1 SYNOPSIS #include <openssl/x509v3.h> int X509_check_ca(X509 *cert);=head1 DESCRIPTIONThis function checks if given certificate is CA certificate (can be usedto sign other certificates).=head1 RETURN VALUEFunction return 0, if it is not CA certificate, 1 if it is proper X509v3CA certificate with B<basicConstraints> extension CA:TRUE,3, if it is selfsigned X509 v1 certificate, 4, if it is certificate withB<keyUsage> extension with bit B<keyCertSign> set, but withoutB<basicConstraints>, and 5 if it has outdated Netscape Certificate Typeextension telling that it is CA certificate.Actually, any non-zero value means that this certificate could have beenused to sign other certificates.=head1 SEE ALSOL<X509_verify_cert(3)>,L<X509_check_issued(3)>,L<X509_check_purpose(3)>=cut
