How to check the certificate is a CA or User certificate using mbedTLS library or openssl


I have a certificate received from a client. In my server application I need to check if the received certificate is a CA or a user certificate. I am currently using the mbedTLS library for implementing security. There is already an example for checking this case in Java. Similarly, I would like to know how to check it using the mbedTLS library or an OpenSSL command.


Solution

  • Have a look at the int mbedtls_x509_crt::ca_istrue field, which is:

    Optional Basic Constraint extension value: 1 if this certificate belongs to a CA, 0 otherwise.

    https://tls.mbed.org/api/structmbedtls__x509__crt.html#a196b3a43dae5a1c0058f46075f832890

    EDIT: According to your example, you need to check whether the MBEDTLS_X509_KU_KEY_CERT_SIGN bit of key_usage is set in the mbedtls_x509_crt structure.