Re: [openssl-users] How can I sstart openssl ocsp in secure mode using TLS/SSL

2017-09-26 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of > Richard Moore > Sent: Tuesday, September 26, 2017 06:31 > To: openssl-users@openssl.org > Subject: Re: [openssl-users] How can I sstart openssl ocsp in secure mode > using TLS/SSL ​​> The CA Se

Re: [openssl-users] How can I sstart openssl ocsp in secure mode using TLS/SSL

2017-09-26 Thread Jakob Bohm
On 26/09/2017 14:31, Richard Moore wrote: On 26 September 2017 at 02:36, Kyle Hamilton > wrote: On Fri, Sep 22, 2017 at 9:32 AM, Richard Moore mailto:richmoor...@gmail.com>> wrote: > > It's also worth pointing out that CAs are banned from running

Re: [openssl-users] How can I sstart openssl ocsp in secure mode using TLS/SSL

2017-09-26 Thread Richard Moore
On 26 September 2017 at 02:36, Kyle Hamilton wrote: > On Fri, Sep 22, 2017 at 9:32 AM, Richard Moore > wrote: > > > > It's also worth pointing out that CAs are banned from running OCSP > servers over HTTPS anyway and it isn't needed since the responses are > already signed - http is fine. > > Th

Re: [openssl-users] How can I sstart openssl ocsp in secure mode using TLS/SSL

2017-09-25 Thread Kyle Hamilton
On Fri, Sep 22, 2017 at 9:32 AM, Richard Moore wrote: > > It's also worth pointing out that CAs are banned from running OCSP servers > over HTTPS anyway and it isn't needed since the responses are already signed > - http is fine. That argument fails when you consider that some people want the d

Re: [openssl-users] How can I sstart openssl ocsp in secure mode using TLS/SSL

2017-09-25 Thread Jakob Bohm
On 22/09/2017 18:32, Richard Moore wrote: On 22 September 2017 at 15:08, Salz, Rich via openssl-users mailto:openssl-users@openssl.org>> wrote: Openssl 0.9.8 is old and obsolete and has security issues; you should upgrade. But even if you upgrade, the ocsp command will not liste

Re: [openssl-users] How can I sstart openssl ocsp in secure mode using TLS/SSL

2017-09-22 Thread Richard Moore
On 22 September 2017 at 15:08, Salz, Rich via openssl-users < openssl-users@openssl.org> wrote: > Openssl 0.9.8 is old and obsolete and has security issues; you should > upgrade. > > > > But even if you upgrade, the ocsp command will not listen on HTTPS; that > is not supported. > > > ​It's also w

Re: [openssl-users] How can I sstart openssl ocsp in secure mode using TLS/SSL

2017-09-22 Thread Salz, Rich via openssl-users
Openssl 0.9.8 is old and obsolete and has security issues; you should upgrade. But even if you upgrade, the ocsp command will not listen on HTTPS; that is not supported. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] How can I sstart openssl ocsp in secure mode using TLS/SSL

2017-09-22 Thread Ike Ikonne
Hi all, I have been trying to test the embed openssl ocsp server in secure mode like: c:\openssl-0.9.8\share>c:\openssl-0.9.8\bin\openssl ocsp -url https://myhost:7575-req_text -resp_text -text -index intermediate\index.txt -CA int ermediate\certs\ca-chain-cert.pem -rkey intermediate\private\

[openssl-users] How can I sstart openssl ocsp in secure mode using TLS/SSL

2017-09-19 Thread Ike Ikonne
Hi all, I have been trying to test the embed openssl ocsp server in secure mode like: c:\openssl-0.9.8\share>c:\openssl-0.9.8\bin\openssl ocsp -url https://myhost:7575-req_text -resp_text -text -index intermediate\index.txt -CA int ermediate\certs\ca-chain-cert.pem -rkey intermediate\private\