Tutorials ID : HOWTO111088
Step 1 : Verify the SSL certificate OCSP URL
Enter the following command and copy the URL to a text editor.
openssl x509 -in cert.cer -noout -ocsp_uri
Note: cert.crt file should contain only the X.509 Base 64 encoded End Entity SSL Certificate
Step 2: Download the Intermediate file and the Root file
Note: Ensure that the appropriate Root and Intermediate CA certificates for the SSL certificate type have been selected.
To check which certificate type you have purchased, follow the steps from this link: SO13499
1. Download the Symantec Root CA certificate from this link: SO4785
2. Save Root CA certificate file as root.cer
3. Download the Intermediate CA certificate from this link INFO657
4. Select the appropriate Intermediate CA certificate for the SSL Certificate type.
5. Save Intermediate CA certificate file as intermediate.cer
Step 3: Combine Root and Intermediate certificate to ca bundle file
cat intermediate.cer >> bundle.cer
cat root.cer >> bundle.cer
Note: Ensure that the file is left justified and has no blank lines and no spaces between -----BEGIN CERTIFICATE----- and -----END CERTIFICATE-----
Step 4: Verify the SSL certificate with the OCSP server
openssl ocsp -issuer intermediate.cer -CAfile bundle.cer -cert cert.cer -url <Enter the URL that has been verified with Step 1> -no_nonce