1=pod 2 3=head1 NAME 4 5X509_check_issued - checks if certificate is apparently issued by another 6certificate 7 8=head1 SYNOPSIS 9 10 #include <openssl/x509v3.h> 11 12 int X509_check_issued(X509 *issuer, X509 *subject); 13 14 15=head1 DESCRIPTION 16 17X509_check_issued() checks if certificate I<subject> was apparently issued 18using (CA) certificate I<issuer>. This function takes into account not only 19matching of the issuer field of I<subject> with the subject field of I<issuer>, 20but also compares all sub-fields of the B<authorityKeyIdentifier> extension of 21I<subject>, as far as present, with the respective B<subjectKeyIdentifier>, 22serial number, and issuer fields of I<issuer>, as far as present. It also checks 23if the B<keyUsage> field (if present) of I<issuer> allows certificate signing. 24It does not check the certificate signature. 25 26=head1 RETURN VALUES 27 28Function return B<X509_V_OK> if certificate I<subject> is issued by 29I<issuer> or some B<X509_V_ERR*> constant to indicate an error. 30 31=head1 SEE ALSO 32 33L<X509_verify_cert(3)>, 34L<X509_check_ca(3)>, 35L<verify(1)> 36 37=head1 COPYRIGHT 38 39Copyright 2015-2020 The OpenSSL Project Authors. All Rights Reserved. 40 41Licensed under the OpenSSL license (the "License"). You may not use 42this file except in compliance with the License. You can obtain a copy 43in the file LICENSE in the source distribution or at 44L<https://www.openssl.org/source/license.html>. 45 46=cut 47