I would like to use Self-Signed CA of Salesforce to build a 2-way SSL connection with my Web Server.
The Web Server is built on Apache 2.2 and the 1-way SSl test is fine.
In the 2-way SSL test, the CA-Signed certificate of Salesforce is OK.
When I use Self-Signed CA of Salesforce, it seems the Apache can't verify the client CA from Salesforce.
I use Openssl to verify the client CA, like,
openssl verify -CAfile SFDC.cer SFDC.cer
and got the following error,
error 20 at 0 depth lookup:unable to get local issuer certificate
I guess there is something wrong with Salesforce's self-signed CA.
Does anyone have the same experience?
Best Answer
This is a known bug of the latest versions of macports' port of openssl 1.0.1 and has nothing to do with Salesforce's self-signed CA.
See this link for reference and a workaround
https://stackoverflow.com/questions/11774961/unable-to-connect-to-test-salesforce-com-with-ssl
I hope this helps.