Hi List,
i received the same error with the ocsp responder like Sebastien.
Can somebody explain me, how and when update the responder the crl from
the LDAP directory?
I have logged the LDAP access, and did not see, that the responder
checks the CRL after it started.
Regards Adam
[EMAIL PROTECTED] wrote:
Hi,
In order to test the OCSP responder,
I issued some certificates, revoked them, issued a new CRL and make
this
one available for the ocspd.
For those revoked certificates I
obtain
the following message in the syslog/errors log :
Error while retrieving info from CRL
Error in generating response
although at the loading of the
responder
the CRL seems to be correctly loaded and the response for the valid
certificates
is correct.
Any ideas ?
Sebastien
PS : Thanks Michael for the last
answer
I'm using now an OCSP Client
developed
by the TORSEC group which is more "verbose" than Mozilla's one
(you can find the software at
http://security.polito.it/tools/ocsp/)
[EMAIL PROTECTED] wrote:
>
> Hi,
>
Hello,
> I'm currently now trying to use OCSPD.
>
> Which string should be filled in the "Service URL" field
of the mozilla
> Preferences/Validation assuming that 10.13.1.13 is my CRL IP ?
Well, it depends on your configuration (check the ocspd.conf). Anyway
by default you should use:
http://10.13.1.13:2560/
--
Best Regards,
Massimiliano Pala
--o------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager]
[EMAIL PROTECTED]
Tel.: +39 (0)11 564 7081
http://security.polito.it
Fax: +39 178 270
2077
Mobile: +39 (0)347 7222 365
Politecnico di Torino (EuroPKI)
Certification Authority Informations:
Authority Access Point
http://ca.polito.it
Authority's Certificate:
http://ca.polito.it/ca_cert/en_index.html
Certificate Revocation List:
http://ca.polito.it/crl02/crl.crl
--o------------------------------------------------------------------------
|
