[SLL] unable to get local issuer certificate
Mark Foster
mark at foster.cc
Thu Oct 25 11:28:06 PDT 2007
Jeremy C. Reed wrote:
> And "openssl s_client -connect www.verisign.com:443 -showcerts" for me
> shows:
>
> depth=3 /C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification
> Authority
> verify error:num=19:self signed certificate in certificate chain
>
>
> I am guessing that problem is because I don't have the CA details setup
> when using openssl (via lynx and wget) and it won't matter for my customer
> using MSIE.
>
That's what the -CAfile or -CApath args to openssl s_client will get you.
So the verify error will probably go away if you add -CAfile
/path/to/thawte/root/cert
--
Said one park ranger, 'There is considerable overlap between the
intelligence of the smartest bears and the dumbest tourists.'
Mark D. Foster, CISSP <mark at foster.cc> http://mark.foster.cc/
More information about the linux-list
mailing list