I had an SSL certificate in place in an https server, but whenever I connected to the site, I would see a certificate error. I tried verifying the certificate and got the following error:
$ openssl verify cert.pemcert.pem: [details removed] error 20 at 0 depth lookup:unable to get local issuer certificate
I stumbled across a reference to Verisign requiring an “intermediate certificate” in order to verify an issued certificate. Consequently, I downloaded the following intermediate certificate from Verisign, based on the type of certificate I was working with. Storing this certificate into a file I called “verisign_intermediate.crt,” I was now able to verify my certificate:
$ openssl verify -CAfile verisign_intermediate.crt cert.pemcert.pem: OK
The final hurdle was to get the https server (nginx) to play ball. Per nginx documentation here, I simply appended the intermediate certificate to my main certificate file, reloaded the nginx configuration, et voilĂ ! No more certificate error.