• 12

Openssl is telling me it can't verify my concatenated cert. I downloaded the intermediate cert from the issuer (AlphaSSL) and concatenated that with my domain cert I purchased (domain cert first, then the AlphaSSL intermediate cert) as instructed by google app engine. I then followed their instructions for verifying:

openssl verify -verbose -CAfile mycert_cat.crt mycert_cat.crt

I tried to verify using the above and received this error message:

mycert_cat.crt: /C=BE/O=GlobalSign nv-sa/CN=AlphaSSL CA - SHA256 - G2
error 2 at 1 depth lookup:unable to get issuer certificate

I googled it, but the results said I forgot to append the cert to the file. I did not.

What else can cause this issue?

To check certificate with openssl you need all intermediate certificates, including root one. And best practice tell will be wise to separate files: put the certificate in one file and put intermediate and root certificates in other file.

  • 0
Reply Report

Warm tip !!!

This article is reproduced from Stack Exchange / Stack Overflow, please click

Trending Tags