Hi!,
Hi,
I'm testing the ocsp server, but I have an error after the "OCSP Daemon setup"... In the ocsp_crl section I have
[ ocsp_crl ] crl_url = http://localhost crl_entry_dn = /crl/cacrl.crl
I am sorry but the http protocol for CRL retriving is not implemented yet. You should use the LDAP protocol (ldap://) or the simple file retrivial method (file://path_to_the_crl).
To use the file method you must have the CRL on the same filesystem of the ocspd server is running on - this is usually the case as most of the times the ocspd is run on the raserver.
The crl_entry_dn should be used only with the LDAP protocol.
[...]I run the /etc/init.d/ocspd and all is OK, but when the setup is finish the daemon stop!!, with "tail /var/log/message" I see
If instead of http I use file:///usr/local... I obtain the segmentation fault ;), and I don't have possiblity of use LDAP.
This is strange, please check for the certificate to be readable by the user the ocsp daemon is running as. Let me know.
--
C'you,
Massimiliano Pala
--o-------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager] [EMAIL PROTECTED]
Tel.: +39 (0)59 270 094
http://www.openca.org Fax: +39 178 221 8225
http://openca.sourceforge.net Mobile: +39 (0)347 7222 365
smime.p7s
Description: S/MIME Cryptographic Signature
