On Mon, Oct 09, 2023 at 09:45:35PM +0530, Brahmaji K wrote: > If I got the certificate chain out of order [...], then is there a > direct way (i.e., with[out?] any openssl API(s)), we can create the > certificates chain in the correct order as - Cert 4 || Cert 3 || Cert > 2 || Cert 1? It seems, you're looking for a CLI feature, that would not require writing code. That's a missing feature of the openssl-verify(1) command. It has a `-show_certs` option that prints just the distinguished names of the certificates in constructed chain, but has no `-print_certs` function that would instead just output the constructed chain. This would make a good entry-level contribution to the OpenSSL project. -- Viktor.