[openssl-users] cert chain file ordering question

[Norm Green]

On 1/9/2018 6:03 AM, Benjamin Kaduk wrote:
> Did you try something like (with a 1.1.0 installation):
>
> openssl verify -CAfile RootCA.pem -untrusted chain.pem chain.pem
>
> with the leaf certificate as the first one in chain.pem?

Same result. The only way it seems to work is if the leaf cert appears 
at the end of the file.

Norm