Hi all, I try to ask an ocsp responder for the status of some certificates using openssl as ocsp client. Doing that the client produces the following Messages:
------------------------------------------------------------------------ ----------------------- C:\Programme\OpenSSL\bin>openssl ocsp -issuer c:\Programme\OpenSSL\bin\certs\cert.pem -serial 1123 -url http://161.90.190.254:2560 -verify_other c:\Programme\OpenSSL\bin\certs\ocsp.pem -trust_other Response Verify Failure 2492:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:.\crypto\rsa\rsa_pk1.c:100: 2492:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:.\crypto\rsa\rsa_eay.c:699: 2492:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib:.\crypto\asn1\a_verify.c:168: 2492:error:27069075:OCSP routines:OCSP_basic_verify:signature failure:.\crypto\ocsp\ocsp_vfy.c:98: 1123: revoked This Update: Mar 30 15:51:13 2007 GMT Next Update: Apr 2 10:33:23 2007 GMT Revocation Time: Mar 30 15:00:00 2007 GMT ------------------------------------------------------------------------ ----------------------- What will openssl tell me? Whats going wrong here? Any ideas? Best regards Thomas Atos Origin GmbH, Theodor-Althoff-Str. 47, D-45133 Essen, Postfach 100 123, D-45001 Essen Telefon: +49 201 4305 0, Fax: +49 201 4305 689095, www.atosorigin.de Dresdner Bank AG, Hamburg: Kto. 0954411200, BLZ 200 800 00, Swift Code DRESDEFF200, IBAN DE69200800000954411200 Geschäftsführer: Dominique Illien, Handelsregister Essen HRB 19354, Ust.-ID.-Nr.: DE147861238 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
