SSL (Secure Sockets Layer) is used to established an encrypted link between our servers and your client.
To be able to create an SSL connection we use SSL Certificates.
Some merchants use OpenSSL to verify our SSL certificates.
Since a server can have more than one certificate you will need to use the -servername
argument to specify the host that you are checking.
Examples
openssl s_client -servername api.na.bambora.com -connect api.na.bambora.com:443
openssl s_client -servername www.beanstream.com -connect www.beanstream.com:443
OpenSSL may output the following:
...
depth=1 /C=US/O=GeoTrust Inc./CN=GeoTrust SSL CA - G3
verify error:num=20:unable to get local issuer certificate
verify return:0
...
---
You can resolve this by doing the following:
-CAfile
argument pointing to the downloaded fileExamples
openssl s_client -servername api.na.bambora.com -connect api.na.bambora.com:443 -CAfile "FILEPATH/GeoTrust_Global_CA.pem"
openssl s_client -servername www.beanstream.com -connect www.beanstream.com:443 -CAfile "FILEPATH/GeoTrust_Global_CA.pem"