RE: OCSP-validation fails - Wrong cert passed to OCSP by Apache

Ulf Wahlqvist Tue, 17 Aug 2010 03:48:25 -0700

I still don't get it. I used Wireshark and found out that the certificate sent 
to the OCSP-responder is the CA-cert, not the client-cert to be validated! I am 
clueless.



Online Certificate Status Protocol
    tbsRequest
        requestList: 1 item
            Request
                reqCert
                    hashAlgorithm (SHA-1)
                        Algorithm Id: 1.3.14.3.2.26 (SHA-1)
                    issuerNameHash: 3183A656588CA87A8D663E5721EF4BC860D9EC86
                    issuerKeyHash: 7C2E39233244E80F4E66F20D28FE40BEC2B6E2A0
                    serialNumber : 0x1bd40ed434d1da15a6003015024da46c <- THIS 
IS THE SERIALNUMBER FOR THE CA-CERT

/ulfW

PS Is this mailing list active? 
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl)                   www.modssl.org
User Support Mailing List                      modssl-users@modssl.org
Automated List Manager                            majord...@modssl.org

RE: OCSP-validation fails - Wrong cert passed to OCSP by Apache

Reply via email to