OCSP_basic_verify:root ca not trusted:ocsp_vfy.c:148

[Nada Essaouini]

Hello,

I throw ocsp responder :
openssl ocsp -index ca/index.txt -CA ca/ca.pem -rsigner ocsp.pem -rkey 
ocsp.key  -url http://www.ocspresponder.com -port 9080

I want to verify a certificat validity Test.pem delivred by a certificat 
ca.pem and i want to verify a response of responder by an other CA 
certificat:  caocsp.pem how dos delivred a responder certificat ocsp 
.pem. To do it I throw:
openssl ocsp  -issuer ca/ca.pem -cert test.pem -url 
http://www.ocspresponder.com:9080 -text -CAfile caocsp.pem
But I have This error:  :
Response Verify Failure
13795:error:27069070:OCSP routines:OCSP_basic_verify:root ca not 
trusted:ocsp_vfy.c:148:

The caocsp.pem is a root CA and it is the certificate that delivred 
ocsp.pem, to verify that i trie:
openssl x509 -purpose  -in caocsp.pem :
Certificate purposes:
SSL client : Yes
SSL client CA : Yes
SSL server : Yes
SSL server CA : Yes
Netscape SSL server : Yes
Netscape SSL server CA : Yes
S/MIME signing : Yes
S/MIME signing CA : Yes
S/MIME encryption : Yes
S/MIME encryption CA : Yes
CRL signing : Yes
CRL signing CA : Yes
Any Purpose : Yes
Any Purpose CA : Yes
OCSP helper : Yes
OCSP helper CA : Yes

I don't know what is the pb?

--
Nada Essaouini
cryptography engineer
Bee Ware
www.bee-ware.net
[EMAIL PROTECTED]
Mobile: +33628596866 
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]