In that case, remove stale, possibly expired intermediate CAs from your CAfile/CApath as mentioned in an earlier message. Then c_rehash once more. > On Nov 19, 2018, at 1:03 AM, Ken <OpenSSL at k-h.us> wrote: > > "c_rehash" did not make any difference. -- Viktor.