I just want to know how does OpenSSL implement RFC 6960 section 4.4.7.2 Responder Signature Algorithm Selection.
Could I take a OpenSSL responder to use SHA1withRSA signature algorithm if the certificate is signed by this algorithm? [1] https://tools.ietf.org/html/rfc6960#section-4.4.7.2 On Sat, Jul 4, 2020 at 12:18 AM John Jiang <john.sha.ji...@gmail.com> wrote: > Hi, > I'm using OpenSSL 1.1.1. > > Can I configure the OCSP response signature algorithm? > For a RSA issuer, it looks SHA256withRSA always be selected. > > PreferredSignatureAlgorithms extension in OCSP request may affect this > algorithm in OpenSSL OCSP response. However, I prefer to use configuration. > > Thanks! >
