How to generate certificate chain for SSL authentication

Trying to authenticate api with SSL certs. They require a full cert chain (root, intermediate and leaf). I only know the basics of SSL so from what I understand leaf is what is installed on my server, root is from Clouflare themselves, and intermediate links the two. But I cannot find the intermediate certificates anywhere, so I cannot verify the full chain. This is how I'm trying to verify
❯ openssl verify -CAfile cloudflare-origin-ca-root.pem complete-chain.pem
❯ openssl verify -CAfile cloudflare-origin-ca-root.pem complete-chain.pem
Here my complete chain is just my leaf since I couldn't find the intermediate. Can anyone give some guidance or point me where to look?
1 Reply
doniyor_landa
doniyor_landaOP5mo ago
Update: On my frontend I've verified the chain, by downloading leaf from website (which uses lets encrypt) and intermediate/root from let's encrypt website. Then I ran openssl verify with this chain and it verified successfully. But i'm pretty sure the server uses cloudflare, so I dont think I have the right chain to authenticate my server Okay figured it out, not sure how to close ticket but Ill give resolution in case anyone needs. I guess there's no intermediate cert, I was able to verify the chain with just the Origin Certificate that I was able to download from cloudflare site, and the Origin CA root certificate. I concatenated the two into a chain, and the verification command from before worked
Want results from more Discord servers?
Add your server