I have a concatenated file containing root CA and intermediate CA (say concat.pem, having the 2 CA certificates) copied to a directory say "ca" I have a entity certificate (cert1) signed by above intermediate CA (say inter.pem) The observation is This command works : openssl verify -CAfile ca/concat.pem cert1 This command does not work: openssl verify -CApath ca cert1 ((ca directory has concat.pem in hash.0 format)) But if we copy the intermediate CA as well to the ca/ directory, the above command works If verification with -CAfile with a concatenated CA file works, when the same file is present in the "ca" directory and is specified as option to -CApath directory, why verification fails? Thanks Bala
