From: "Florian Oelmaier" <[EMAIL PROTECTED]> flo> 2) Given an OCSP-Responder, that does not append its own certificate (in the flo> delegated case): I could not give an OCSP-Certificate to trust using the flo> command line that helped me verify the response. You should be aware that flo> there are use cases that do not append any certificate to the response. I am flo> not really sure if this is a bug of apps/ocsp.c, libcrypto or my fault? Actually, if the certificate's CA has signed the response, -CAfile should be enough I think. However, I've just added an options -VAfile to enable the user to give certificate against only the signature will be verified. It will be in the next snapshot. -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Chairman@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 Redakteur@Stacken \ SWEDEN \ or +46-709-50 36 10 Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] Member of the OpenSSL development team: http://www.openssl.org/ Software Engineer, Celo Communications: http://www.celocom.com/ Unsolicited commercial email is subject to an archival fee of $400. See <http://www.stacken.kth.se/~levitte/mail/> for more info. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: cvs commit: openssl/ssl s3_lib.c ssl.h ssl_algs.cssl_ciph.cssl_locl.h tls1.h
Richard Levitte - VMS Whacker Thu, 08 Feb 2001 10:18:52 -0800
- Re: cvs commit: openssl/ssl s3_lib.c ssl.h s... Richard Levitte - VMS Whacker
- RE: cvs commit: openssl/ssl s3_lib.c ss... Florian Oelmaier
- Richard Levitte - VMS Whacker
