SSL证书链包如何工作？

∟Reference Citations in 2016

∟SSL证书链包如何工作？

'Validating a Certificate Path with OpenSSL' tutorial was cited in an it1352.com blog in 2016.

The Validating a Certificate Path with OpenSSL tutorial was cited in an it1352.com blog in 2016.

Subject: SSL证书链包如何工作？(How does an SSL certificate chain bundle work?)
Date: Nov 15, 2016
Author: IT屋
Source: http://www.it1352.com/505844.html

I've created a chain hierarchy like this.
   root-ca ==> signing-ca ==> subordinate-ca ==> server

It is mentioned to create chain bundle, the lowest should go first.
   $ cat server.crt subordinate-ca.crt signing-ca.crt > server.pem

But verification fails.
   $ openssl verify -CAfile root-ca.crt server.pem
   error 20 at 0 depth lookup:unable to get local issuer certificate

However, if I change the order it seems to work.
   $ cat signing-ca.crt subordinate-ca.crt server.crt > server.pem
   $ openssl verify -CAfile root-ca.crt server.pem
   server.pem: OK

So what would be the error here?

...

More info: According to
"https://www.herongyang.com/crypto/openssl_verify_2.html",
I perform the following test which works.

   $ cat signing-ca.crt subordinate-ca.crt > inter.crt
   $ openssl verify -CAfile root-ca.crt -untrusted inter.crt server.crt
   server.crt: OK

Does that mean all the links are good?

...