5

Openssl is telling me it can't verify my concatenated cert. I downloaded the intermediate cert from the issuer (AlphaSSL) and concatenated that with my domain cert I purchased (domain cert first, then the AlphaSSL intermediate cert) as instructed by google app engine. I then followed their instructions for verifying:

openssl verify -verbose -CAfile mycert_cat.crt mycert_cat.crt

I tried to verify using the above and received this error message:

mycert_cat.crt: /C=BE/O=GlobalSign nv-sa/CN=AlphaSSL CA - SHA256 - G2
error 2 at 1 depth lookup:unable to get issuer certificate

I googled it, but the results said I forgot to append the cert to the file. I did not.

What else can cause this issue?

L. Blanc
  • 151
  • 1
  • 1
  • 2

1 Answers1

1

To check certificate with openssl you need all intermediate certificates, including root one. And best practice tell will be wise to separate files: put the certificate in one file and put intermediate and root certificates in other file.

Romeo Ninov
  • 5,263
  • 4
  • 20
  • 26