WebCert - Certificate Validation Request

Select a certificate for verification
	Upload Your certificate (PEM format)
	Remote certificate check - type URL
Here we select the certificate we would like to validate. If it is a local file on your PC, it needs to be PEM-encoded. Alternatively, we can provide the URL to validate a server certificate, i.e. https://www.verisign.com. Because the certificate validation happens low-level, non-http ports like ldaps or imaps can also be specified here. More examples: https://server.domain.tld:8883 ldaps://fm4dd.com imaps://fm4dd.com

Select the Root CA certificate file or bundle to use
	Ubuntu Root certificate list - 137 certificates, 208567 Bytes, last update Fri Sep 1 01:13:01 2023
	WebCert's Root certificate list - 3 certificates, 4847 Bytes, last update Mon Feb 1 16:31:11 2016
	Your CA certificate(s) - PEM format:
Here we select the list of CA certificates we would like to validate against. The following bundles are prepared: Mozilla Root certificate list, downloaded from http://curl.haxx.se/ca/cacert.pem. Verisign Root certificate list, downloaded and converted weekly from Verisign. Ubuntu Root certificate list, converted from the local OS files. The WebCert Root certificate list contains WebCerts own CA files, validating certificates for this CA only. Alternatively, you can upload your own, local CA certificate file or file bundle (Apache-style) in PEM format.

Additional validation settings (optional and advanced)
	SSL_set_verify_depth - limit or expand the chain verification to the specified depth.
	X509_V_FLAG_X509_STRICT - disable workarounds, verify strictly per X509 rules.
Here we can select additional OpenSSL settings that control and fine-tune the validation process. They are optional, and require expert knowledge to interpret results correctly. In doubt, leave them alone.

Topics

OpenSSL Documentation