Hello, > I am trying to verify a certificate with the folowing command line on a > windows 32 bit plateform: > > C:\OpenSSL\bin> openssl verify -CAfile d:\cert.pem d:\cert2.pem > > It replies me: > > d:\cert2.pem: /C=FR/ST=Cote d Or/L=Saint Apollinaire/O=societe des AUTOROUTES > PARIS RHIN RHONE/OU=DTR/DRTM/RT/OU=Provided by TBS INTERNET > http://www.tbs-certificats.com//CN=preprod-gc.parisrhinrhone.fr error 20 at 0 > depth lookup:unable to get local issuer certificate > > What's wrong ? Probably you do not have full certificate chain in cert.pem.
Look at issuer filed in cert2.pem and check that subject from cert.pem matches (for top level CA (root CA) subject == issuer). If not, you must get all certs from chain up to root CA and put this certs in cert.pem. Best regards, -- Marek Marcola <[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]