> According to that, your client cert isn't self-signed.
> It is apparently signed by the same company, which isn't
> the same thing; in X.509 and SSL, self-signed means that
> the cert Subject and Issuer,and specifically the subject
> KEY and the issuing/signing KEY, are EXACTLY the same.
> W
> From: owner-openssl-us...@openssl.org On Behalf Of jason.ting
> Sent: Monday, 29 November, 2010 02:15
> >[server rejects client cert]. Look at the server CertReq to see
> >if it is asking for particular CA(s) and if so whether the cert
> >your client is using is issued by that CA (or one of th
>The server doesn't think so. Look at the server CertReq to see
>if it is asking for particular CA(s) and if so whether the cert
>your client is using is issued by that CA (or one of them).
>Also check whether it is directly under or chained;
>if the latter I don't think commandline s_client can
> From: owner-openssl-us...@openssl.org On Behalf Of jason.ting
> Sent: Thursday, 25 November, 2010 04:16
> ... I am a client and the SSL server is being managed
> by a 3rd party. When i try ...
> openssl s_client -connect i5.paywide.nps.comm.com:9001 -CAfile
> verisignVB.pem -cert L2009080526.crt
