>> Actually, that's not the reason. The positional [certificates]
>> arguments to verify(1) are not "chains". Only the first (leaf)
>> certificate of each of the argument files is processed.
Ok, that makes sense. Thanks for the update. I was trying this experiment
to understand a client authenti
> On Aug 13, 2017, at 11:39 AM, Sudarshan Raghavan
> wrote:
>
> 3. openssl verify -CAfile 2, intermediate ca 1 and root ca in that order>. This fails with this error
>
> "error 20 at 0 depth lookup: unable to get local issuer certificate
> error leafchain.pem: verification failed"
>
> I und
Hello OpenSSL users,
I have this certificate chain, root ca -> intermediate ca 1 -> intermediate
ca 2 -> leaf certificate. With this chain, I attempted combinations of
openssl verify commands to understand how it works with certificate chains.
1. openssl verify -CAfile . This
verifies ok as expe
