OCSP request/response signing

[Howard Chan]

Hello all,   I'm working with Openssl 0.9.7beta3's OCSP command, both client and server.   I'm a bit puzzled with how to establish the following :   1.  Signed requests from client 2.  Request verification from server 3.  Signed responses from server 4.  Response verification from client   I mean, besides the commands to issue, the REAL problem I'm having is "What certs to use for steps 1 to 4????"  Say, I just wanted to test OCSP for my own OpenSSL CA (generate my own root CA certs and test certs, etc).  So what certs should be given to the client to sign requests and to verify responses?  And what certs should be stored on the OCSP server side for request verify and response signing?    This is just for testing purposes.   Can any of you experts out there explain all this to me?  Many thanks.   - Howard