<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
On 30.05.2018 08:45, Mark Shnaider via openssl-users wrote:
<blockquote
cite="mid:DM5PR04MB3753D78EB6AE007D2899E5F88E6C0@DM5PR04MB3753.namprd04.prod.outlook.com"
type="cite">
<meta http-equiv="Context-Type" content="text/html;
charset=us-ascii">
<div>
<p>Hello, </p>
<p>I use OpenSSL version is openssl-1.1.0h(Windows) and </p>
<p>I run following command from apps directory </p>
<p><code><span lang="EN">openssl s_server -accept 443 -www</span></code>
</p>
<p>The server in this case use certificate "server.pem" </p>
<p>On client computer I run command </p>
<p>openssl s_client -connect 10.65.48.108:443 </p>
<p>On client computer I get error : </p>
<p>Verify return code: 21 (unable to verify the first
certificate) </p>
<p>What is wrong? </p>
<p>Thanks for any help </p>
<p>Mark </p>
</div>
</blockquote>
very probable, that the client doesn't have the root ca certificate
of the ca certificate that signed server.pem<br>
<br>
you should have at least the following<br>
<br>
ca.pem - the root ca<br>
server.pem - the server ssl/tls certificate<br>
<br>
Walter<br>
</body>
</html>