ssl-users
> wrote:
>
> From: James <mailto:openssl-us...@natsuki.co.uk>
> To: mailto:openssl-users@openssl.org
> Subject: Re: Certificate verification with cross signed CAs
> Message-ID: <mailto:c457519e-e386-4df8-84ec-9efb7a0f9...@natsuki.co.uk>
> Content-Type: t
From: James <mailto:openssl-us...@natsuki.co.uk>
To: mailto:openssl-users@openssl.org
Subject: Re: Certificate verification with cross signed CAs
Message-ID: <mailto:c457519e-e386-4df8-84ec-9efb7a0f9...@natsuki.co.uk>
Content-Type: text/plain; charset="utf-8"
> The certif
The certificates are attached below.The use case is client A only has ta_primary_cert.pem and client B only has ta_secondary_cert.pemI’m trying to build a chain that the server can use (in the server hello) so that both client A and client B can successfully connect.Since openssl verify -trusted ta
On Mon, Jul 01, 2024 at 03:54:46PM +0100, James Chapman wrote:
> I’ve been using openssl verify to check some certificate chains:
>
> server -> ca -> roota
> server -> alt_ca-> rootb
>
> Certificates ca and alt_ca have the same subject and public key and different
> issuers.
>
> openssl veri
