This command works: openssl ocsp -issuer issuer.pem -VAfile trusted_dir/ocsp_signer.pem -url http://ocsp.test.com -cert cert.pem -resp_text
but this fails: openssl ocsp -issuer issuer.pem -CApath trusted_dir -url http://ocsp.test.com -cert cert.pem -resp_text with: 3077556488:error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found:ocsp_vfy.c:85: since the signer cert is in the trusted dir, shouldn't the second version be able to find it there? ocsp_signer.pem is a self-signed cert, does that matter? I ran strace on the second command and I never see it even open the directory. -- Chris Bare ch...@bareflix.com ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
