Hi,
today I read [1] that Microsoft finally added support for TLS Extended
Master Secret Extension to their SSL implementation (SChannel).
The author was so kind to provide a test script [2] to check if your
own servers support TLS Extended Master Secret extension yet.
Looks like my servers
Hi,
when you set the -host parameter as last, you will get the following error:
~/cert-test/ $ openssl ocsp -CApath /etc/ssl/certs -no_nonce -issuer
issuer.crt -cert cert.crt -url http://ocsp2.globalsign.com/gsalphag2
-host ocsp2.globalsign.com
Error querying OCSP responsder
Hi,
please see the following certificate:
-BEGIN CERTIFICATE-
MIIEbTCCA1WgAwIBAgICLgAwDQYJKoZIhvcNAQEFBQAwQDELMAkGA1UEBhMCVVMx
FzAVBgNVBAoTDkdlb1RydXN0LCBJbmMuMRgwFgYDVQQDEw9HZW9UcnVzdCBTU0wg
Q0EwHhcNMTAxMDE5MDQyMDUwWhcNMTUxMDIwMjMzNTI0WjCBhDEpMCcGA1UEBRMg
Hello,
thank you for your response. There's one thing in your reply I don't
understand:
Erwann Abalea wrote:
It seems to be a valid certificate for OpenSSL, right?
OpenSSL can parse it, yes.
[...]
Reading X.520 shows that the DirectoryString type disallows 0-sized
elements. So you're
Hi,
when I was looking for an OCSP responder in January I also found
OpenCA.org and I also think it is dead.
If you want to use it, read the mailing list. Someone posted important
patches (against memory leaks and other things).
Another thing is, that I am not sure if an OCSP responder, which
Hi,
Ryan Hurst wrote:
They are doing a CA signed OCSP response, this is legitimate.
We will do this in the not so distant future as well for many of our
responses also.
If this is called CA signed OCSP response, how is *your* current
response, which you will change in future, called?
You
Hi,
forget it - I got it :)
-VAfile level1.crt is doing 'the trick'.
But I still don't now how to compute/get the responseID on my own.
Thanks.
--
Regards,
Igor
__
OpenSSL Project
Hi,
I tried to validate a certificate from Comodo using their OCSP, but I
cannot verify the response:
3073455752:error:27069076:OCSP routines:OCSP_basic_verify:signer
certificate not found:ocsp_vfy.c:85:
The certificate I want to validate was issued by
C=GB, ST=Greater Manchester,