Certificate verification requires that full chain certificate is present
Is equivalent to run openssl verify.

Verification of peer (server) certificate requires the root CA certificate in
 the chain. As only exception, it certificate is self-signed, it is valid if
the chain includes the own certificate. 

Server verification also requires DNS matching.

Example:

echo demo | ./cdaclient -c cdaroot.pem user@host:6730/votid


