For Ubuntu 14.04, the correct syntax is:
openssl s_client -CApath /etc/ssl/certs -connect www.example.com:443
If you miss out the -CApath option, you may get the following errors buried in the output:
verify error:num=19:self signed certificate in certificate chain
Verify return code: 19 (self signed certificate in certificate chain)
Or (depending on how the Certificate was set up):-
verify error:num=20:unable to get local issuer certificate
Verify return code: 20 (unable to get local issuer certificate
With the correct CApath, you should be seeing
Verify return code: 0 (ok)
near the bottom of the output.
Subscribe to:
Post Comments (Atom)
Posts
No comments:
Post a Comment
Spammers: please stop wasting my time. All comments are moderated before publication.