How to check that the intermediate certificate is signed by the root and the server certificate is signed by the intermediate

How do you check that a configured certificate has the correct chain of root, intermediate and server certificates?
To verify this, take the Subject Key Identifier of the root certificate. If this value is the same as the Authority Key Identifier of the intermediate certificate, the intermediate is signed by that root certificate. The same rule applies to the server certificate: its Authority Key Identifier must match the Subject Key Identifier of the intermediate.

[admin@hostname01 tmp]$ cat /tmp/root.cer | openssl x509 -text | grep -A1 "Key Identifier:"
X509v3 Subject Key Identifier:
6A:72:26:7A:D0:1E:EF:7D:E7:3B:69:51:D4:6C:8D:9F:90:12:66:AB
[admin@hostname01 tmp]$
[admin@hostname01 tmp]$ cat /tmp/inter.cer | openssl x509 -text | grep -A1 "Key Identifier:"
X509v3 Subject Key Identifier:
C3:F7:D0:B5:2A:30:AD:AF:0D:91:21:70:39:54:DD:BC:89:70:C7:3A
X509v3 Authority Key Identifier:
keyid:6A:72:26:7A:D0:1E:EF:7D:E7:3B:69:51:D4:6C:8D:9F:90:12:66:AB
[admin@hostname01 tmp]$
[admin@hostname01 tmp]$ cat /tmp/ser.cer | openssl x509 -text | grep -A1 "Key Identifier:"
X509v3 Subject Key Identifier:
E9:3D:6F:62:34:21:6:6E:96:4D:24:53:8B:92:01:92:A0:92:D3:1D
X509v3 Authority Key Identifier:
keyid:C3:F7:D0:B5:2A:30:AD:AF:0D:91:21:70:39:54:DD:BC:89:70:C7:3A
[admin@hostname01 tmp]$
