Massimiliano,
we are currently working on an OCSP responder based on OpenCA-OCSP. The
ocspd shall take an ldap as his underlying information base.
Taking openssl as a client I get the following result:
------------------------------------------------------------------------
-----
C:\Programme\OpenSSL\bin>openssl ocsp -issuer
c:\Programme\OpenSSL\bin\certs\cert.pem -serial 1001 -url
http://161.90.190.254:2560 -noverify
1001: WARNING: Status times invalid.
2476:error:2707307E:OCSP routines:OCSP_check_validity:status not yet
valid:.\crypto\ocsp\ocsp_cl.c:329:
unknown
This Update: Mar 30 14:15:01 2007 GMT
Next Update: Mar 30 14:20:01 2007 GMT
------------------------------------------------------------------------
-----
Our question is, how the ocspd identifies a certificate in the ldap
directory? How does he know, that a certificate exist?... and the
ncertificate with serial number 1001 does :)
Best regards
Thomas Beckmann
<mailto:[email protected]>
Atos Origin GmbH, Theodor-Althoff-Str. 47, D-45133 Essen, Postfach 100 123,
D-45001 Essen
Telefon: +49 201 4305 0, Fax: +49 201 4305 689095, www.atosorigin.de
Dresdner Bank AG, Hamburg: Kto. 0954411200, BLZ 200 800 00, Swift Code
DRESDEFF200, IBAN DE69200800000954411200
Geschäftsführer: Dominique Illien, Handelsregister Essen HRB 19354,
Ust.-ID.-Nr.: DE147861238
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Openca-Users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openca-users
