[openssl-users] Problem verifying a certificate chain

Viktor Dukhovni openssl-users at dukhovni.org
Wed Nov 29 15:48:29 UTC 2017

On Wed, Nov 29, 2017 at 04:33:39PM +0100, Pascal Withopf wrote:

> Which means I have the following certificate chain:
> root.pem -> serverCA.pem -> server.pem
> But when I try to make a connection I see following error at the client
> side:
> Error with certificate at depth: 1
> issuer  = /C=XX/ST=XX/L=test/O=Testorganisation/CN=Root CA
> subject = /C=XX/ST=XX/L=test/O=Testorganisation/CN=Server CA
> err 24:invalid CA certificate

The intermediate CA extensions are likely incorrect.  Post
the certificate in question.

> Did I do something wrong creating the certificates?

Likely yes.


More information about the openssl-users mailing list