Ok, so deriving/extracting the root CA's certificate from an SSL
certificate is not possible.
So, another question:
Can openssl be given an SSL cert and a list of trusted root CAs' certs
and it just output the root CA's cert that goes with (signed) that SSL
cert? Or is it a matter of doing an openssl command that would tell you
a fingerprint of the issuer's key/cert from the SSL cert, then another
command to find that fingerprint in a list of other certs?
Thanks,
Davy
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]