Thanks Ted, Suresh, and Marek for your help! I'm back on the
merry-go-round again. -- larry
Marek Marcola wrote: Hello,$ openssl s_client -cert solar_client.pem -CAfile private/root.pem Enter pass phrase for solar_client.pem: CONNECTED(00000003) depth=0 /C=US/ST=NJ/L=Florham Park/O=AT&T Research/CN=solarium.research.att.com verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 /C=US/ST=NJ/L=Florham Park/O=AT&T Research/CN=solarium.research.att.com verify error:num=27:certificate not trusted verify return:1 depth=0 /C=US/ST=NJ/L=Florham Park/O=AT&T Research/CN=solarium.research.att.com verify error:num=21:unable to verify the first certificate verify return:1This looks like "incompatible" cert and CA cert certificates. Check that on both sides you have the same root.pem file AND that on both sides application certificates verifies against root.pem. You may check this with command: $ openssl verify -CAfile root.pem cert_to_check.pemBest regards, |