sResponseData'. Any way to
extract the tbs with openssl ? Thanks.
On 2021-07-21 00:04, Gaardiolor wrote:
Good day,
I don't fully understand ocsp certificate verification. In order to
better understand it, I want to do it manually. I can already do that
with certific
Good day,
I don't fully understand ocsp certificate verification. In order to
better understand it, I want to do it manually. I can already do that
with certificates.
$ openssl s_client -connect openssl.org:443 -showcerts
# I save the server.crt and intermediate.crt
$ openssl verify -no-CApa
Hello,
My openssl-1.0.2k-21.0.1.el7_9.x86_64 verify fails with HSM-signed
certificates. The HSM is causing other issues and is likely misbehaving,
I think this is a HSM bug. I'm sure I'm using the correct server.crt and
rootca.crt.
$ openssl verify -CAfile rootca.crt server.crt
server.crt: C
