Share my minds: SSL certificate: DER, PEM and error 20

I had an SSL certificate in a https server, but whenever I connected to this my site, I saw certificate error. First I check that my certificate is in DER form which is not accepted by my server. I have to convert it to PEM :

root@prod:~/cert# openssl x509 -in my_cert.cer -out my_cert.pem -inform DER -outform PEM

Than I saw that I have stil problems with certificate

root@prod:~/cert#  openssl verify my_cert.pem: [details removed]
error 20 at 0 depth lookup:unable to get local issuer certificate

I googled and found that I should get issuer certificate and combine it with my certificate. I downloaded issuer certificate in DER format and converted it to PEM.

root@prod:~/cert#  openssl x509 -in l4.cer -out l4.pem -inform DER -outform PEM

Than I checked if everything is OK:

root@prod:~/cert# openssl verify -CAfile l4.pem my_cert.pem: OK

Final step was combined my_cert.pem with l4.pem :

root@prod:~/cert# cat my_cert.pem l4.pem >> my_cert.crt

I copied my_cert.crt and my_cert.key to /etc/ssl/ and configured my nginx to use it. No more certificate error.

Share my minds

wtorek, 22 kwietnia 2014

SSL certificate: DER, PEM and error 20

Szukaj na tym blogu