Dmitrij, can you have a look in your crl file after wget. is it still a valid crl format? Sometimes, depending on mime types, web server can give just a wrong format.
Lutz > -----Ursprüngliche Nachricht----- > Von: Users' Help and Suggestions <[email protected]> > Gesendet: 16.05.07 13:36:33 > An: tips and discussions about OpenCA installation and management.'" > <[email protected]> > Betreff: [Openca-Users] OCSP configuration > > Hello all, > > I'm trying to little bit tune my OCSP server, based on OpenCA OCSP daemon and > can not figure out why it does not work with CRL's via HTTP. > > In ocsp.conf file I can choose file://// , http:// and ldap:// variants for > obtaining CRL. file://// is working quite well. Now I want to switch to > http:// . After changing this line: > > crl_url = file:////usr/local/etc/ocspd/crl/cacrl.crl > > to this line: > > crl_url = http://crl.company.com/myca/cacrl.crl > (HTTP url is checked with wget - it is working.) > > I see some errors in ocsp log: > > May 16 14:01:25 srv041 ocspd[92530]: Error Loading CRL for [ q_vs_ca ] > May 16 14:01:25 srv041 ocspd[92530]: CRL loaded [ q_vs_ca ] > May 16 14:01:25 srv041 ocspd[92530]: CRL missing > May 16 14:01:25 srv041 ocspd[92530]: CRL/CA check error [ q_vs_ca:-1 ] > May 16 14:01:25 srv041 ocspd[92530]: No Entries for CRL (@q_vs_ca) > May 16 14:01:25 srv041 ocspd[92530]: CRL loaded successfully [q_vs_ca] > > OCSP deamon version is 1.1.0. > > Sure I can update it to newest one, but maybe I just do something wrong with > configuration? > > > Also it is interesting for is it possible to log not only startup/rehash > events, but ocsp requests facts also? > > Regards, > > Dmitrij > > > ------------------------------------------------------------------------- > This SF.net email is sponsored by DB2 Express > Download DB2 Express C - the FREE version of DB2 express and take > control of your XML. No limits. Just data. Click to get it now. > http://sourceforge.net/powerbar/db2/ > _______________________________________________ > Openca-Users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/openca-users > _______________________________________________________________ SMS schreiben mit WEB.DE FreeMail - einfach, schnell und kostenguenstig. Jetzt gleich testen! http://f.web.de/?mc=021192 ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Openca-Users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openca-users
