verify certificate chain (in memory)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Lei Sun wrote:
> Hi:
> ? In my project I need to verify certificate chain sent from server.
> The chain has root->inter mediate -> server, 3 level chain. The
> server certificate files can be verified by "openssl verify" command:
> 
> openssl verify -CAfile root.crt server.crt
> OK.
> 
> But I had to combine the root cert and intermediate cert into single
> file, to verify the whole chain via command line.

Have you tried combining the intermediate and the server cert into a
single file? That should work, and is more akin to the actual behavior
(the server sends its certificate plus any ?intermediates, and the
client should only need the root).

Kind regards



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux