Difference between single and multi level certificate

Question

Is there a way using which we can difference between multi-level and single level certificate.. I have an application where I am allowing user to upload certificates, I want to put a check that only single level files are uploaded

Is there a command to do that??

Thanks

Answer 1

Multi-level certificate means which is signed by some other CA. Single-level certificate means certificate signed by itself which is also known as self-signed certificate.

Means, if you can check if the certificate is self-signed, then you can tell if it is single or multi-level.

To check quickly if certificate is self-signed, you can use following command:

 openssl verify -CAfile cert.crt cert.crt

Where cert.crt is your certificate in PEM format.

If it tests okay, then it is self signed and hence single level. Otherwise, multi-level.

You can also write C program to verify if your certificate is self signed or using X509_verify function.