Hi!
I am trying to use ocsp client utility of openssl. I have installed CMS software on Solaris box and installed openssl on another box. After that I want to check the status of a user certificate. To do that, I generate one response file using ocsp utility. The status returned by the OCSP responder is ok, but to verify the response openssl generates following error.
------------------------------------------------------------------------------------------------------------------------------
Response Verify Failure
2720:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is no
t 01:.\crypto\rsa\rsa_pk1.c:100:
2720:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:.\crypto\rsa\rsa_eay.c:580:
2720:error:0D089006:asn1 encoding routines:ASN1_verify:EVP lib:.\crypto\asn1\a_v
erify.c:162:2720:error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error:.\crypto\ocsp\ocsp_vfy.c:122:Verify error:certificate signature failure
2720:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is no
t 01:.\crypto\rsa\rsa_pk1.c:100:
2720:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:.\crypto\rsa\rsa_eay.c:580:
2720:error:0D089006:asn1 encoding routines:ASN1_verify:EVP lib:.\crypto\asn1\a_v
erify.c:162:2720:error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error:.\crypto\ocsp\ocsp_vfy.c:122:Verify error:certificate signature failure
------------------------------------------------------------------------------------------------------------------------------
Can anyone please help me to resolve the problem?
I am also attaching CA certificate, User certificate and response what I have received from CMS.
Thanks in advance.
Regards
-Pijush
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
-----BEGIN CERTIFICATE----- MIIDJDCCAo2gAwIBAgIBATANBgkqhkiG9w0BAQUFADCBmzELMAkGA1UEBhMCSU4xHTAbBgNVBAgc FAAAMHcAADCTAAAwWAAAMIMAAP9CMRUwEwYDVQQHHAwAADCCAAAwbwAAMEMxJTAjBgNVBAocHAAA MEQAADCTAAAwdQAAMEkAAP9TAAD/WQAA/1MxETAPBgNVBAscCAAAMHoAAP9EMRwwGgYDVQQDExND ZXJ0aWZpY2F0ZSBNYW5hZ2VyMB4XDTA0MDgxNjA1MDAwMFoXDTA2MDgxNjA1MDAwMFowgZsxCzAJ BgNVBAYTAklOMR0wGwYDVQQIHBQAADB3AAAwkwAAMFgAADCDAAD/QjEVMBMGA1UEBxwMAAAwggAA MG8AADBDMSUwIwYDVQQKHBwAADBEAAAwkwAAMHUAADBJAAD/UwAA/1kAAP9TMREwDwYDVQQLHAgA ADB6AAD/RDEcMBoGA1UEAxMTQ2VydGlmaWNhdGUgTWFuYWdlcjCBnzANBgkqhkiG9w0BAQEFAAOB jQAwgYkCgYEAvtxYrpPDQU3HV9rt4j3RX9eh3ImTGWCAjI/hrAxqHFfWh5lxwVhLv4tBz3I0x46A KNpQ6MLc7HSUYjsgtzUmcULgNIrnnpvXrFWlBRp3OiJdW5MPf9xuIbBV28N128nN0E7mLSOeiTca C50UnqGXfLiwtfAAfZU8ZF/ugHj4wT8CAwEAAaN2MHQwEQYJYIZIAYb4QgEBBAQDAgAHMA8GA1Ud EwEB/wQFMAMBAf8wHQYDVR0OBBYEFIeSMGq2GZQXO6Dk1TT0orhVzgtXMB8GA1UdIwQYMBaAFIeS MGq2GZQXO6Dk1TT0orhVzgtXMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQUFAAOBgQCvziXC d3AyTrYWCEdNrJp70Vh2CuFJUcohVcKCRRJLoxW9AiXRJGAA8ANH4tMCtHUnHg0J+aOYt1py4C19 1x8iqSOeSiQPCcWUoadDikFAEMZVut3+TtR5kuYHE0iqXNTVfNtzkgkhZ+vpaQ8olAf2qHSEKPnU XXyI2a2M2cLMwg== -----END CERTIFICATE-----
-----BEGIN CERTIFICATE----- MIICiDCCAfGgAwIBAgIBBTANBgkqhkiG9w0BAQQFADCBmzELMAkGA1UEBhMCSU4xHTAbBgNVBAgc FAAAMHcAADCTAAAwWAAAMIMAAP9CMRUwEwYDVQQHHAwAADCCAAAwbwAAMEMxJTAjBgNVBAocHAAA MEQAADCTAAAwdQAAMEkAAP9TAAD/WQAA/1MxETAPBgNVBAscCAAAMHoAAP9EMRwwGgYDVQQDExND ZXJ0aWZpY2F0ZSBNYW5hZ2VyMB4XDTA0MDgyNDIwNDgyNFoXDTA1MDgyNDIwNDgyNFowVjELMAkG A1UEBgwCSU4xFTATBgoJkiaJk/IsZAEBDAV1c2VyMjEOMAwGA1UEAwwFdXNlcjIxIDAeBgkqhkiG 9w0BCQEMEXVzZXIyQGluZm9zeXMuY29tMFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBANdDZY97b/ng 8UyA0B6WjKULEq+g7Vs/jBeHKa9hRkPiO8ttVT7nDSvqWdTqxvFt78hjmJqNE8GVzbPVXJKvDRcC AwEAAaNkMGIwEQYJYIZIAYb4QgEBBAQDAgWgMA4GA1UdDwEB/wQEAwIF4DAfBgNVHSMEGDAWgBSH kjBqthmUFzug5NU09KK4Vc4LVzAcBgNVHREEFTATgRF1c2VyMkBpbmZvc3lzLmNvbTANBgkqhkiG 9w0BAQQFAAOBgQCwdFgPU41P8H/fEpZAKaAiIAHi7k5p8hreqPiLLzjLfNZr1XC2m05KfRWr0iwX VyXRwrHOmQ9Y4ty0IX74itfzgun6VOXPqwYRF6TCOxDg7I2FN12Y8wqpg+BJ8YTmHJBrXgwpYUbe cy65OJP6Y+48OT0TH/CI6KXMQNSjBkXLsQ== -----END CERTIFICATE-----
resp.der
Description: resp.der
