god god wrote: > Questions are > 1. if OCSP server = ocsp responsor ?
Yes. > 2. how can I create that server by myself in Linux or win2000? Linux or other UNiX systems are suggested as no test is being done on win2000. > 3. OpenCA-ocsp-0.2.1.tar.gz is right software or > OpenCA-ocspd-0.0.5.tar.gz is right? > (i have openssl-0.9.6c and openssl-0.9.7-stable-SNAP-020213,which one > is ok?) You should download the latest version of the OpenCA-OCSPD-xxx.tar.gz module and use the openssl-SNAP-2002xxxxx.tar.gz because of the many OCSP related functions that have been added to the package. > 4. Now, i have Linux server. > if it is right that i install Openca Ocsp 0.2.1 to linux OS, > then just run "ocsp", then i have http://ocsp.myhost.com ??? > or what can i do? Edit the ocspd.conf file you find in the examples directory, check every script you find in there, it could be useful. Also for a complete list of parameters try calling the 'openca-ocspd' command like this: $ openca-ocspd - > Could you please give me some idea that how i may create OCSP server > And how can I put CRL to OCSP server or my Responer? You don't have to. The OCSP responder uses the same format of the index.txt of openssl: just set the configuration to take the same file and you are done. Remember to restart the responder when some modification takes place to the index.txt (new cert issued, a cert is revoked, etc... ). -- C'you, Massimiliano Pala --o------------------------------------------------------------------------- Massimiliano Pala [OpenCA Project Manager] madwolf at cpan.org madwolf at openca.org http://www.openca.org madwolf at hackmasters.net http://openca.sourceforge.net Mobile: +39 (0)347 7222 365 _______________________________________________ Openca-Users mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/openca-users
