Soyoung Jeong wrote: > Hi Massimiliano, [...] > According to the homepage, it says that you have tested it with > Mozilla/Netscape as a OCSP clients, and the man page says that OCSP > daemon uses 2560 as its default binding port. With those information, I > have some questions about using it.
Unfortunately the OCSP documentation is really outdated. It has gone a major update since the online documentation has been published. I will update it soon but do not rely too much on that :-D > 1. Does OCSP daemon use normal HTTP protocol as the transport > protocol for OCSP with port number 2560? Does the client use ‘GET’ > method or ‘POST’ method to connect? (I guess POST) You can modify the default port to use whichever port you want to use. The implemented protocol is a *very small subset* of the HTTP. And yes, the only implemented method is POST > 2. If it’s true, does OCSP daemon internally has a simple http > server or do I use external web server and relate the external web > server with the OCSP responder? You do not need an HTTP server to run the OCSP responder. It is a stand alone daemon which implements a simple HTTP parser. We wanted to be this way so you do not need to install an HTTP server to run the OCSP. > 3. If I make my own OCSP client, do I use HTTP Post method to > connect to the OCSP daemon and just add OCSP Request payload to the body > of POST method? Basically, yes. The payload of the POST is the OCSP request (DER encoded). It is, indeed, a very simple format. I hope this helps you, should you need further assistance, just subscribe the mailing lists and ask there :-D C'you, Max ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
