/// Validates that the certificate provided is a CA certificate.
/// </summary>
/// <param name="certificate">The certificate to validate.</param>
/// <param name="certificationPathLength">The allowed certification path length.</param>
/// <returns><c>null</c> if the certificate info does not allow to determine the CA status;
/// otherwise, a boolean value indicating the CA status.</null></returns>
private static bool?IsCA(Org.BouncyCastle.X509.X509Certificate certificate, out int certificationPathLength)
{
// If certificate version equal to 3 then the isCA property can be retrieved.
if (certificate.Version == 3)
{
// A value of -1 indicates certificate is not a CA.
// A value of Integer.MAX_VALUE indicates there is no limit on the allowed length of the certification path.
certificationPathLength = certificate.GetBasicConstraints();
return(certificationPathLength != -1);
}
certificationPathLength = -1;
return(null);
}