On Tue, Sep 25, 2012, sanjaya joshi wrote:

> 
> We can conclude an X509 V1 certificate to be a root ca using
> (EXFLAG_V1|EXFLAG_SS).
> Similarly, is there a way to know whether an X509 V1 certificate is an
> intermediate CA or end-entity certificate ?
> 

You can't: there is nothing in a V1 certificate to mark it as a CA. You can't
actually be sure it is a root CA using the test you mentioned above: it could
be a self signed end entity certificate.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to