|
Hi All, I'm trying to use the OCSP service standalone and it seams to be running. However I'm getting a "request for non recognized CA", but I'm almost sure, that I setup the configuration correctly...or not!? Or is here a bug somewhere? May 12 01:15:35 server-5 ocspd[10992]: request for certificate serial 21557 May 12 01:15:35 server-5 ocspd[10992]: request for non reckognized CA Using the following hierarchy: Root CA -> OCSP and CRL Signer Certificate Intermediate CA -> Subscriber Certificate I'm using the latest version (1.0.3) compiled without LDAP and using file crl's: ca_certificate = $dir/ca.crt # The CA certificate ocspd_certificate = $dir/ocspd.crt # The OCSP server cert ocspd_key = $dir/private/ocspd.key # The OCSP server key pidfile = /usr/local/ocspd/ocspd.pid # Main process pid [ first_ca ] # You can have the CRL on a simple file in PEM format crl_url = file:////usr/local/ocspd/ca-crl.pem # We need the CA certificate for every supported CRL ca_url = file:////usr/local/ocspd/ocsps.crt #################################################################### [ second_ca ] # You can have the CRL on a simple file in PEM format crl_url = file:////usr/local/ocspd/crt-crl.pem # We need the CA certificate for every supported CRL ca_url = file:////usr/local/ocspd/ocsp.crt --
Regards
Signer: Eddy Nigg
Company: StartCom Linux at www.startcom.org MediaHost™ at www.mediahost.org Skype: startcom Phone: +1.213.341.0390
Import StartCom Public CA
|
smime.p7s
Description: S/MIME Cryptographic Signature
