Ok I see what you mean. However, in my first mail I've also specified that:
openssl x509 -in beltraminif.cer -noout -ocspid -ocsp_uri returns http://crl.ema.europa.eu/ocsp (which is the correct url) Do you know what kind of parsing is radius asking to openssl ? Thanks, Francesco Beltramini -----Original Message----- From: freeradius-users-bounces+francesco.beltramini=ema.europa...@lists.freeradius.org [mailto:freeradius-users-bounces+francesco.beltramini=ema.europa...@lists.freeradius.org] On Behalf Of Alan DeKok Sent: 19 April 2013 13:04 To: FreeRadius users mailing list Subject: Re: OCSP parsing in client certificate Beltramini Francesco wrote: > Alan: does the change log refer to certificates without the proper extensions > defined ? Because my situation is slightly different, the clients present a > certificate that does contain the OCSP properties. See the debug log. OpenSSL doesn't think so. It was showing "(null)" for the various OCSP fields. Alan DeKok. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html ________________________________________________________________________ This e-mail has been scanned for all known viruses by European Medicines Agency. ________________________________________________________________________ - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html
