# Verify a certificate 

To verify a certificate and it's chain, use below openssl command
```
openssl verify -CAfile chain.pem devicecert.pem
```
where chain.pem is the certificate chain for the devicecert.pem certificate.

To construct chain.pem, download the CA certificates that form the chain upto the root certificate and concatenate them
```
cat l1_root_ca.pem l2_intermediate_ca.pem l3_intermediate_ca.pem > chain.pem
```
where l1_root_ca.pem is the root CA certificate in pem format and l2_intermediate_ca.pem, l3_intermediate_ca.pem are the intermediate CA certificates.