OpenSSL - OpenSSL "verify -CAfile" - Specify Root CA Certificate

OpenSSL "verify -CAfile" - Specify Root CA Certificate

Q

How to specify the root CA certificates that close the signing chain for the server certificate for OpenSSl "verify" command? I have downloaded the root CA certificate in a file.

✍: FYIcenter.com

A

If you have the root CA certificate downloaded in a file, you can provide it to the OpenSSL "verify" command using the "-CAfile" option as shown below:

C:\Users\fyicenter>\local\openssl\openssl.exe

OpenSSL> verify -untrusted twitter_chain.pem -CAfile DigiCert.pem twitter.pem

twitter.pem: OK

The result is good. The certificate validation passed. Let's review the "verify" command options and arguments again:

"twitter.pem" argument specifies the server certificate.
"-untrusted twitter_chain.pem" option specifies intermediate CA certificates that used in the signing chain of the server certificate.
"-CAfile VeriSign.pem" option specifies the root CA certificate that signs the last intermediate CA certificate in the chain.

⇒ OpenSSL "genpkey" Command for RSA Keys

⇐ Download Root CA Certificate

⇑ OpenSSL "verify" Command

⇑⇑ OpenSSL Tutorials

2012-07-24, 7844👍, 0💬

OpenSSL "verify -CAfile" - Specify Root CA Certificate
How to specify the root CA certificates that close the signing chain for the server certificate for OpenSSl "verify" command? I have downloaded the root CA certificate in a file. If you have the root CA certificate downloaded in a file, you can provide it to the OpenSSL "verify" command using the "-... 2012-07-24, 7845👍, 0💬

Download Root CA Certificate
How to download the certificate from a root CA? I need to the root CA certificate to close the certification validation chain. If you know the CN (Common Name) of the root CA, for example "DigiCert High Assurance EV Root CA", you can search and download it our certificate database at certificate.fyi... 2012-07-24, 7214👍, 0💬

What Is Java Keystore File
What is a Java Keystore file? I heard that it used to provide CA certificates to Java applications. A Java Keystore file is a specially formatted file used to store cryptographic keys and certificates. A Java KeyStore file can be used to store 3 types of entries: 1. PrivateKeyEntry - This type of en... 2012-07-24, 4868👍, 0💬

What Is the Structure of Certificates
What is the structure of certificates? What types of values are recorded in a certificate? The structure of an X.509 Version 3 certificate is defined in RFC 5280 - "Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile". It contains the following values: ... 2012-07-24, 3324👍, 0💬

All rights in the contents of this web site are reserved by the individual author. fyicenter.com does not guarantee the truthfulness, accuracy, or reliability of any contents.