我正在尝试使用他们自己的中间和根证书来验证我从Apple获得的证书。这就是我所做的和我得到的答案:
c:\dev\OpenSSL-Win64\bin>openssl.exe verify -CAfile k:\MDM\AppleIncRootCertificate.pem k:\MDM\AppleWWDRCA.pem k:\MDM\mdm_public.pem
k:\MDM\AppleWWDRCA.pem: OK
k:\MDM\mdm_public.pem: UID = NQLH5GG9T6, CN = MDM Vendor: E A/S, OU = E A/S, O = E A/S, C = DK
error 20 at 0 depth lookup:unable to get local issuer certificate
有没有人对此有解释或解决方案?
答案 0 :(得分:1)
问题是我使用openssl verify
的方式不正确。证书链需要在文件(AppleIncRootCertificate.pem和AppleWWDRCA.pem)中连接,正确使用如下:
openssl.exe verify -CAfile k:\mdm\cert_chain k:\MDM\mdm_public.pem
结果是:
k:\MDM\mdm_public.pem: OK