Hello,
> When I do that, I now get:
> 
> RAPTOR_$ openssl s_client -connect adtest:636 "-CAfile" certnew.pem
> CONNECTED(00000003)
> depth=0 /CN=adtest.altdomain2000.psccos.com
> verify error:num=20:unable to get local issuer certificate
> verify return:1
> depth=0 /CN=adtest.altdomain2000.psccos.com
> verify error:num=27:certificate not trusted
> verify return:1
> depth=0 /CN=adtest.altdomain2000.psccos.com
> verify error:num=21:unable to verify the first certificate
> verify return:1
> ---
> Certificate chain
>   0 s:/CN=adtest.altdomain2000.psccos.com
>     i:/C=US/ST=CO/L=Colorado Springs/O=Process Software/CN=homeca
Get server certificate (lets say server_cert.pem) and execute:
        $ openssl verify -CAfile certnew.pem server_cert.pem
if this will return success, s_client will verify successfully
this server cert too.
Next information, certnew.pem should have CA cert from:
        C=US/ST=CO/L=Colorado Springs/O=Process Software/CN=homeca

Best regards,
-- 
Marek Marcola <[EMAIL PROTECTED]>

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to