Have you ever had a user certificate for a VPN (SSL/IPsec/OpenVPN) and wondered whether the user certificate is chained to the corresponding signing cert?
Here's a quick and dirty method for verifying certificate chaining by using openssl against self-signed user certificates.
Take these certificates:
As you can see, they are okay'd against the CA certificate myopenvpn.crt, but all have expired.
Now here are 3 user certificates, named user1, 2 and 3:
By the way, all 3 of these users have a different key size, as indicated here. The key size has no bearing on verification.
(see below)
Here are a few certificates that are not in the trust chain and that fail (certificates myuser1 and 2):
So in my private CAinternal, these keys checked out against the CAroot certificate named "MYCAPFSENSE.crt". This is a good way to validate a certificate in a trust chain.
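The checks described above can be reproduced end to end with throwaway material. This is an added example, not the commands from the original post: it builds two constructed CAs and a few user certificates in a temp directory, then runs `openssl verify -CAfile` against them. All file and subject names are hypothetical, and it assumes a current OpenSSL release, which reports an expired certificate as a verification failure.

```shell
#!/bin/sh
# Added example: every name, subject and file below is constructed for the demo.

make_ca() {      # $1 = basename, $2 = subject CN; self-signed CA valid 10 years
    openssl req -x509 -newkey rsa:2048 -nodes -days 3650 -subj "/CN=$2" \
        -keyout "$1.key" -out "$1.crt" 2>/dev/null
}

make_user() {    # $1 = user basename, $2 = CA basename, $3 = RSA key size in bits
    openssl req -new -newkey "rsa:$3" -nodes -subj "/CN=$1" \
        -keyout "$1.key" -out "$1.csr" 2>/dev/null &&
    openssl x509 -req -in "$1.csr" -CA "$2.crt" -CAkey "$2.key" \
        -CAcreateserial -days 30 -out "$1.crt" 2>/dev/null
}

# Echo OK if the cert chains to the CA and is inside its validity period, else FAIL.
# $1 = CA cert, $2 = user cert, $3 = optional days from now at which to evaluate.
check_chain() {
    when=$(( $(date +%s) + ${3:-0} * 86400 ))
    if openssl verify -attime "$when" -CAfile "$1" "$2" 2>&1 | grep -q ': OK$'; then
        echo OK
    else
        echo FAIL
    fi
}

demo() (
    cd "$(mktemp -d)" || exit 1
    make_ca demo-ca "Demo VPN CA"
    make_ca other-ca "Unrelated CA"
    make_user user1 demo-ca 2048
    make_user user2 demo-ca 3072       # different key size, same CA
    make_user stranger other-ca 2048   # signed by a CA outside the chain
    echo "user1 (2048 bit) vs demo-ca:  $(check_chain demo-ca.crt user1.crt)"
    echo "user2 (3072 bit) vs demo-ca:  $(check_chain demo-ca.crt user2.crt)"
    echo "stranger vs demo-ca:          $(check_chain demo-ca.crt stranger.crt)"
    echo "user1 in 90 days (expired):   $(check_chain demo-ca.crt user1.crt 90)"
)

demo
```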
Ken Felix
NSE ( network security expert) and Route/Switching Engineer
kfelix -----a----t---- socpuppets ---dot---com
^ ^
=( @ @ )=
o
/ \