Re: [Openvpn-devel] [PATCH 1/2] ocsp_check - signature verification and cert staus results are separate

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 ACK - -Steffan On 26-09-14 12:24, Hubert Kario wrote: > when openssl returns result of parsing and verification of the OCSP > response, the signature verification is separate from the > certificate status, as such it's necessary to check both of th

Re: [Openvpn-devel] [PATCH 2/2] ocsp_check - double check if ocsp didn't report any errors in execution

ACK -Steffan On 26-09-14 12:24, Hubert Kario wrote: > in case the reposnses are too old, ocsp tool can return text like this: > > Response verify OK > ca/cert.pem: WARNING: Status times invalid. > 139990703290240:error:2707307D:OCSP routines:OCSP_check_validity:status > expired:ocsp_cl.c:358: >