Hello,
> $ openssl s_client -cert solar_client.pem -CAfile private/root.pem
> Enter pass phrase for solar_client.pem:
> CONNECTED(00000003)
> depth=0 /C=US/ST=NJ/L=Florham Park/O=AT&T
> Research/CN=solarium.research.att.com
> verify error:num=20:unable to get local issuer certificate
> verify return:1
> depth=0 /C=US/ST=NJ/L=Florham Park/O=AT&T
> Research/CN=solarium.research.att.com
> verify error:num=27:certificate not trusted
> verify return:1
> depth=0 /C=US/ST=NJ/L=Florham Park/O=AT&T
> Research/CN=solarium.research.att.com
> verify error:num=21:unable to verify the first certificate
> verify return:1
This looks like "incompatible" cert and CA cert certificates.
Check that on both sides you have the same root.pem
file AND that on both sides application certificates
verifies against root.pem.
You may check this with command:
$ openssl verify -CAfile root.pem cert_to_check.pem
Best regards,
--
Marek Marcola <[EMAIL PROTECTED]>
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
