Re: [OpenCA-Devel] HTTPS support for OCSPD

Mon, 29 Oct 2007 02:43:00 -0800 

Hi Eddy,

I'm pretty new to the code, but as far as I can tell, OCSPD doesn't make any 
use of the index.db file.
The corresponding line from the ocspd.conf is never actually read by OCSPD code 
(I'm looking at the latest 1.5.1rc1) and on my system the file doesn't exist 
and OCSPD works pretty fine.

Cheers,
      Alex


________________________________
From: Eddy Nigg (StartCom Ltd.) [mailto:[EMAIL PROTECTED]
Sent: Monday, October 29, 2007 11:17
To: Alex Agranov
Subject: Re: [OpenCA-Devel] HTTPS support for OCSPD

Thanks Alex, now I understand as everything else wouldn't have made sense. But 
now an other question...at some point the OCSPD wanted access to the index.db 
or whatever was there (assuming from openssl). I never understood why was 
that....has this changed? I guess I need to have a look at current versions. Or 
how did you solve that?

In my opinion the CRL itself should be enough for the responder, but there was 
this requirement for the index file which makes deployment difficult...

Alex Agranov wrote:
Exactly.
I mean that OCSP responder can fetch the CRL over https and/or http with 
authentication.

________________________________
From: Eddy Nigg (StartCom Ltd.) [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]>]
Sent: Monday, October 29, 2007 12:26 AM
To: Alex Agranov
Subject: Re: [OpenCA-Devel] HTTPS support for OCSPD
Hi Alex,

Do you mean that the OCSP responder can fetch the CRL over https and/or http 
with authentication? Or is this meant to for end user? Still somewhat 
confused...

--
Regards



Signer:

Eddy Nigg, StartCom Ltd.<http://www.startcom.org>

Jabber:

[EMAIL PROTECTED]<xmpp:[EMAIL PROTECTED]>

Blog:

Join the Revolution!<http://blog.startcom.org>

Phone:

+1.213.341.0390





-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems?  Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
OpenCA-Devel mailing list
OpenCA-Devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openca-devel

Reply via email to