openssl verify -crl_check -CAfile yoursite-root-ca-c.crt -untrusted signer-ca-c3-chain.crt https-yoursite.com.chain.crt
All certificates are PEM encoded. Here is a description for each of them:
yoursite-root-ca-c.crt - the root certificate
signer-ca-c3-chain.crt - the intermediate certificate, with the trusted chain
https-yoursite.com.chain.crt - the endpoint certificate, which we want to check. Here is the whole certificate chain
No comments:
Post a Comment