I'm trying to get the Firefox browser to check client certificates via OCSP to a Tumbleweed OCSP Responder. I can see the browser make a query to the Responder, and see that the Responder accepts the request and issue a response (with the proper status). Firefox, however, is not happy with the response, and spits out a generic "8182" error which seems to indicate that it could not verify the signature on the response. I have tried directly adding the responder's signing certificate into Firefox's certificate stores, as well as just having the browser trust the issuing CA of the responder cert - without any change in behavior.
Anybody know what I could be missing? Do I have to get my responder cert issued off a CA that Firefox trusts as a "built-in" CA - one that Firefox is compiled with and pre-configured to trust? Or can I just add my own CA certificate as a "software token" that the browser can be configured to trust? Thanks in advance. _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
