Hi all,

During HTTPS connection establishment server sends its certificate to client
for verification.
Now i want to prepare a certificate chain from this certificate which got
from server.

I downloaded the CA bundle from Mozilla website.Now i have to prepare the
cert chain from the peer certificate using this CA bundle.Please tell me how
to do this ?

My idea is i will took the issuer of the peer cert and i will check the CA
bundle which matches the subject field in this CA bundle ??? Am i right
?????

But when i browsed https://www.paypal.com , i got the peer certificate
whose issuer is

/C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at
https://www.verisign.com/rpa (c)06/CN=VeriSign Class 3 Extended Validation
SSL SGC CA


But i didn't find any root CA in the CA bundle with respect to above issuer.
How to prepare a chain like this type of case ?? Same in the case when i
browsed
https://www.citibank.co.in , https://www.axisbank.co.in etc

Sorry for long mail............

Thanks in advance,
Aravind.