OpenSSL "verify" - Validate Self-Signed Certificate

Q

How to validate a self-signed certificate using OpenSSL "verify" command?

✍: FYIcenter.com

A

You can validate your self-signed certificate using the OpenSSL "verify" command as shown below:

C:\Users\fyicenter>\local\openssl\openssl.exe

OpenSSL> verify rsa_test.crt
rsa_test.crt: C = us, ST = NY, L = New York, O = Donald Inc., OU = IT, 
   CN = www.donald.inc, emailAddress = john@donald.inc
error 18 at 0 depth lookup:self signed certificate
OK

OpenSSL> verify -trusted rsa_test.crt rsa_test.crt
rsa_test.crt: OK

OpenSSL> verify -CAfile rsa_test.crt rsa_test.crt
rsa_test.crt: OK

Commands and their behaviors used in this test:

  • "verify rsa_test.crt" - Validate a self-signed certificate by itself. Validation failed.
  • "verify -trusted rsa_test.crt rsa_test.crt" - Validate a self-signed certificate with the same certificate specified as trusted. Validation passed.
  • "verify -CAfile rsa_test.crt rsa_test.crt" - Validate a self-signed certificate with the same certificate specified as CA. Validation passed.

 

OpenSSL "req -x509 -newkey" - Generate Private Key and Certificate

OpenSSL "x509 -text" - View Self-Signed Certificate in Text

OpenSSL "req" Command

⇑⇑ OpenSSL Tutorials

2016-11-15, 889👍, 0💬