Hi,
Today i was very much excited to see this mailing
list on openSSL. I searched several messages and its great to see that
people here are helping others.
I need your help.
I read tutorials on OCSP from http://openvalidation.org about using OCSP in openssl,
I have couple of questions.
1) I used the following command to send OCSP request and get response from OCSP responder.
openSSL>ocsp -url http://ocsp.openvalidation.org
-issuer ROOT_CA.pem -VAfile OCSPServer.pem -cert User.pem
When i am executing this command , i am getting response from OCSP responder stating that certificate status is good.
(i have taken this command/files from openvalidation.org (http://www.openvalidation.org/useserviceopenssl.htm)
)
But,
In this command what is the purpose of OCSPServer.pem, i still
dont understand the purpose of OCSPServer.pem as we need to just send
our request and expect a response from OCSP responder irrespective of
OCSPServer.pem file.
If i give my URL as http://ocsp.verisign.com, how can i get verisign's OCSPServer.pem. Also how can i get
latest OCSPServer.pem file for the given URL.
2)I tested by giving latest user certificates other than openvalidation.org certificates, but i am getting this error
user.pem:WARNING: Status times invalid.
3220:error:2707307D:OCSP
routines:OCSP_check_validity:status
expired:.\crypto\ocsp\ocsp_cl.c:357:
unknown
This Update: Oct 24 06:00:11 2004 GMT
Next Update: Oct 25 06:00:11 2004 GMT
For this do i need to update my OCSPServer.pem
file
Thank you for your time and consideration
I would be grateful to you if you would help me out as i am spending a lot of time on understanding this.
Please help me out.
Thanks,
vv
- please help me on OCSP varma d
- Re: please help me on OCSP Dr. Stephen Henson
- Re: please help me on OCSP varma d
- Re: please help me on OCSP prakash babu
- Re: please help me on OCSP varma d
- Re: please help me on OCSP Paul Simon
- Re: please help me on OCSP satish danduvarma
- Re: please help me on OCSP Paul Simon
