Ask a Question

Tutorials ID : HOWTO111088

How to verify a Symantec SSL certificate with OCSP server.


Step 1 : Verify the SSL certificate OCSP URL

Enter the following command and copy the URL to a text editor.

openssl x509 -in cert.cer -noout -ocsp_uri

Note: cert.crt file should contain only the X.509 Base 64 encoded End Entity SSL Certificate

Step 2: Download the Intermediate file and the Root file

Note: Ensure that the appropriate Root and Intermediate CA certificates for the SSL certificate type have been selected.
          To check which certificate type you have purchased, follow the steps from this link: SO13499

1. Download the Symantec Root CA certificate from this link: SO4785
2. Save Root CA certificate file as root.cer
3. Download the Intermediate CA certificate from this link INFO657
4. Select the appropriate Intermediate CA certificate for the SSL Certificate type.
5. Save Intermediate CA certificate file as intermediate.cer

Step 3: Combine Root and Intermediate certificate to ca bundle file

cat intermediate.cer >> bundle.cer
cat root.cer >> bundle.cer

Note: Ensure that the file is left justified and has no blank lines and no spaces between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----

Step 4: Verify the SSL certificate with the OCSP server

openssl ocsp -issuer intermediate.cer -CAfile bundle.cer -cert cert.cer -url <Enter the URL that has been verified with Step 1> -no_nonce