openssl issues (a tiny bit off topic)

From: Matty (mattycruft@daemons.net)
Date: 11/21/02


From: "Matty" <mattycruft@daemons.net>
Date: Wed, 20 Nov 2002 19:35:06 -0500

Does anyone know where Verisign keeps their root certificates? I
am developing a script to test a secure website, and the following
snipit:

openssl s_client -connect www.etrade.com:443 << EOF
GET / HTTP/1.0

EOF

produces:

[matty@pooh matty]$ openssl s_client -connect www.etrade.com:443 |more
depth=1 /O=VeriSign Trust Network/OU=VeriSign, Inc./OU=VeriSign
International Server CA - Class 3/OU=www.verisign.com/CPS Incorp.by Ref.
LIABILITY LTD.(c)97
VeriSign
verify error:num=20:unable to get local issuer certificate
verify return:0

I assume that the "unable to get local issuer certificate" is
telling me that it doesn't have the root cert to verify the
cert supplied by the server. Anyone know where Verisign keeps there root
certs? I have been browsing their website, and can't find squat.

Thanks,
Ryan