Massimiliano Pala wrote:
Dr. Rodney McDuff wrote:
I've been trying to run multiple independent OCSP Responders on same
box and running into trouble concerning the locking of the semaphore
(or lock file). The code as if stands uses the same semaphore key (or
lock file) for each independent server. The patch below is an attempt
to fix the problem by linking the semaphore key to the process ID (or
using mkstemp to create a random lock file).
Why did you do it ? You know that OCSP can respond for different CAs,
right?
Actually no I didn't. Its not obvious to me how you would do this with
the openca OCSP responder.
Or did you needed different signing keypairs for each configured CA ?
The box has the RAs for 9 CAs on it, each of which are in a hierachy like
root --------- CA 1 ----------- CA 1.1
|
+------CA 2 ----------- CA 2.1
|
+ ------CA3 ------------CA 3.1
|
+------CA4 -------------CA 4.1
Each CA has issued a OCSP Signing certs with the OSCPSigning attribute.
If there is a way to do this by using only 1 openca OCSP responder I
would be keen to know it.
--
Dr. Rodney G. McDuff |Ex ignorantia ad sapientiam
Manager, Strategic Technologies Group| Ex luce ad tenebras
Information Technology Services |
The University of Queensland |
EMAIL: [EMAIL PROTECTED] |
TELEPHONE: +61 7 3365 8220 |
-------------------------------------------------------
SF.Net email is sponsored by: Discover Easy Linux Migration Strategies
from IBM. Find simple to follow Roadmaps, straightforward articles,
informative Webcasts and more! Get everything you need to get up to
speed, fast. http://ads.osdn.com/?ad_id=7477&alloc_id=16492&op=click
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
