The short answers is no. An OCSP response has to be signed by the issuer (or a delegate of the issuer) and a self-signed cert is issued by itself. As a general rule certs can't revoke themselves so there is no need to get a revocation response for a self-signed cert.
Steve -----Original Message----- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of redpath Sent: Tuesday, July 23, 2013 10:27 AM To: openssl-users@openssl.org Subject: OCSP and self signed I was wondering about self signed certs. If I run the test OCSP it needs to know the CA cert but there is no CA cert. So can a OCSP responder work for self signed certs. -- View this message in context: http://openssl.6102.n7.nabble.com/OCSP-and-self-signed-tp45918.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
smime.p7s
Description: S/MIME cryptographic signature
