I have a client-provided SSL cert that seems to be provided by Verisign but
issued by my good friends at Network Problems. I thought this was part of
default cert.pem, but maybe not.
The docs on Verisign's site are... ahem... unhelpful.
I have what I think is the correct CA chain for this cert, but still trying to
determine what marketing terms overlap with what reality. But how is it to be
tested?
here is the info ( nj.pem contains the Certificate and the Private Key )
$ openssl verify nj.pem
nj.pem: /C=US/postalCode=99999/ST=OH/L=Columbus/streetAddress=4111 XXXX
Ave./O=XYZ Inc./OU=Secure Link SSL Pro/CN=xyz.foo.com
error 20 at 0 depth lookup:unable to get local issuer certificate
$ openssl x509 -noout -in nj.pem -issuer
issuer= /C=US/O=Network Solutions L.L.C./CN=Network Solutions Certificate
Authority
So if append the correct CA certs to my nj.pem, then 'openssl verify' should
be happy, is this correct?
thanks!
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
