-
-
Save pschultz/528864ec770e6469cab3c85418b34ab7 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ls -1 | |
# false-root.pem | |
# intermediate.pem | |
# leaf.pem | |
# root.pem | |
openssl x509 -noout -issuer -in leaf.pem | |
# issuer= /C=FR/ST=Paris/L=Paris/O=Gandi/CN=Gandi Standard SSL CA 2 | |
openssl x509 -noout -subject -issuer -in intermediate.pem | |
# subject= /C=FR/ST=Paris/L=Paris/O=Gandi/CN=Gandi Standard SSL CA 2 | |
# issuer= /C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority | |
openssl x509 -noout -subject -in root.pem | |
# subject= /C=US/ST=New Jersey/L=Jersey City/O=The USERTRUST Network/CN=USERTrust RSA Certification Authority | |
openssl x509 -noout -subject -issuer -in false-root.pem | |
# subject= /C=US/O=Let's Encrypt/CN=Let's Encrypt Authority X3 | |
openssl verify -CAfile <(cat intermediate.pem root.pem) leaf.pem | |
# leaf.pem: OK | |
openssl verify -CAfile <(cat intermediate.pem false-root.pem) leaf.pem | |
# leaf.pem: C = FR, ST = Paris, L = Paris, O = Gandi, CN = Gandi Standard SSL CA 2 | |
# error 2 at 1 depth lookup:unable to get issuer certificate |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment