Verifying the IBM public certificate

You can verify that an IBM public certificate is valid by using the Online Certificate Status Protocol (OCSP).

Procedure

  1. Download a public certificate. 
    ibm-java-certificate-<yyyymmdd>.pem
  2. Download the corresponding intermediate certificate. 
    ibm-java-chain0-<yyyymmdd>.pem
  3. Save the public and intermediate certificate to a directory of your choice.
  4. Change to the directory and run the following command. 
    openssl ocsp -no_nonce -issuer ibm-java-chain0-<yyyymmdd>.pem -cert ibm-java-certificate-<yyyymmdd>.pem -VAfile ibm-java-chain0-<yyyymmdd>.pem -text -url http://ocsp.digicert.com -respout ocsptest
  5. If the certificate is valid the command returns "Response verify OK", otherwise it returns "Response Verify Failure".