Hello,
With my electronic id, I have a x509 certificate and I would like to check the validity of this certificate.
I exported and inspect the certificate using
Code:
$ pkcs15-tool --read-certificate 02 > mykey.crt
$ openssl x509 -in mykey.crt -issuer -noout
issuer= /C=BE/CN=Citizen CA/serialNumber=200801
I went to the official
certificate repository website and downloaded the citizen200801.crt (cf serial number) file and the
Belgium Root CA file (actually exporting them into PEM files using firefox).
I'm able to verify the CitizenCA certificate
Code:
$ openssl verify -CAfile BelgiumRootCA CitizenCA
CitizenCA: OK
but I don't understand how to check my certificate
Code:
$ openssl verify -CAfile CitizenCA mykey.crt
mykey.crt: C = BE, CN = Citizen CA, serialNumber = 200801
error 2 at 1 depth lookup:unable to get issuer certificate
Any idea ? Thank you