Hi,
In order to test the OCSP responder, I issued some certificates, revoked them, issued a new CRL and make this one available for the ocspd.
For those revoked certificates I obtain the following message in the syslog/errors log :
Error while retrieving info from CRL
Error in generating response
although at the loading of the responder the CRL seems to be correctly loaded and the response for the valid certificates is correct.
Any ideas ?
Sebastien
PS : Thanks Michael for the last answer
I'm using now an OCSP Client developed by the TORSEC group which is more "verbose" than Mozilla's one
(you can find the software at http://security.polito.it/tools/ocsp/)
| Massimiliano Pala <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED] 29/04/2004 17:35
|
|
[EMAIL PROTECTED] wrote:
>
> Hi,
>
Hello,
> I'm currently now trying to use OCSPD.
>
> Which string should be filled in the "Service URL" field of the mozilla
> Preferences/Validation assuming that 10.13.1.13 is my CRL IP ?
Well, it depends on your configuration (check the ocspd.conf). Anyway
by default you should use:
http://10.13.1.13:2560/
--
Best Regards,
Massimiliano Pala
--o------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager] [EMAIL PROTECTED]
Tel.: +39 (0)11 564 7081
http://security.polito.it Fax: +39 178 270 2077
Mobile: +39 (0)347 7222 365
Politecnico di Torino (EuroPKI)
Certification Authority Informations:
Authority Access Point http://ca.polito.it
Authority's Certificate: http://ca.polito.it/ca_cert/en_index.html
Certificate Revocation List: http://ca.polito.it/crl02/crl.crl
--o------------------------------------------------------------------------
