2008/10/29 Chris Wilson

> Read the error message? OpenSSL doesn't know where to get 1's certificate
> (the issuer of 2's certificate). It can't pull it out of thin air. Try
> appending the contents of file 1 to file 2. (adding 1's certificate to 2's
> bundle).

Thanks for the reply.

Is there any way to perform just the validation of the link rather than the
whole chain?

The reason for this (and why I'm experimenting so as to understand) is that
I have an embedded application where the certificate that I trust may be
signed by something I have no access to. The way the device is configured
means that the certificate is implicitly trustworthy.

On a slightly different tack, would I have more flexibility from C rather
than the OpenSSL app? (I'm guessing yes).