troubleshooting Question

OpenSSL Error: Unable to get Local issuer certificate inspite of storing certificate chain in Linux

Avatar of bm perumalla
bm perumalla asked on
Linux* OpenSSL
6 Comments2 Solutions1628 ViewsLast Modified:
Hello Experts,

I am new to SSL setup and i am trying to establish https communication between my linux based agent application and target windows WebServer for hich i obtained a signed certificate by our internal CA Server. I copied the same certificate to my linux machine default location prescribed by our product documentation under /var/opt/<ourproductname>/etc/ssl/certs/cert.pem.
Since the server certificate is authorized (signed) by a Certificate Authority, the process may include checking whether that Certificate Authority
is trusted. The checking process continues until it reaches the root Certificate Authority (CA),on which the client device can recognize as trusted. This trust occurs when a CA certificate is 'known' to the client. Now as suggested in our product document,I concatenated the root ca .pem file and my windows webserver ca .pem file to a single .pem file as follows:


#!/bin/sh
rm cert.pem
for i in root_ca.pem webserver_ca.pem; do
openssl x509 -in $i -text >> cert.pem
done
It throws error as follows:
unable to load certificate
139779506755328:error:0906D06C:PEM routines:PEM_read_bio:no start line:crypto/pem/pem_lib.c:691:Expecting: TRUSTED CERTIFICATE

Then, when i run my agent application to communicate with my windows webserver, it throws below error:
"Error 0xE1BBFC14: OpenSSL error 0xFC14: unable to get local issuer certificate"

I am struggling for last three days day and night to solve this.Please help.
Your help is much appreciated.
Many thanks,
Sriram
ASKER CERTIFIED SOLUTION
Log in to continue reading
Become an EE member today7-DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform for $9.99/mo
View membership options
Unlock 2 Answers and 6 Comments.
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.
See how we're fighting big data
The Value of Experts Exchange in My Daily IT Life

Experts Exchange (EE) has become my company's go-to resource to get answers. I've used EE to make decisions, solve problems and even save customers. OutagesIO has been a challenging project and... Keep reading >>

Mike

Owner of Outages.IO
Phoenix, Arizona, United States
Member Since 2016
Join a full scale community that combines the best parts of other tools into one platform.
Unlock 2 Answers and 6 Comments.
View membership options
“All of life is about relationships, and EE has made a virtual community a real community. It lifts everyone's boat.”
William Peck

Member since 2004