Hello Yessica, this line in your logs tells you where the error occured:
[Thu Feb 17 19:23:09 2011] [error] mod_tsa:1510:error:2F083075:lib(47):func(131):reason(117):ts_rsp_sign.c:206: When you look into source code of openssl ts module - http://cvs.openssl.org/fileview?f=openssl/crypto/ts/ts_rsp_sign.c&v=1.6.4.2- you can see that line 206 contains following code: if (X509_check_purpose(signer, X509_PURPOSE_TIMESTAMP_SIGN, 0) != 1) { TSerr(TS_F_TS_RESP_CTX_SET_SIGNER_CERT, TS_R_INVALID_SIGNER_CERTIFICATE_PURPOSE); return 0; } That means loading of TSA certificate failed because of incorrect extensions. Certificate you posted has critical mark on "X509v3 Subject Alternative Name" which is completely wrong in this case. It is "Time Stamping" that has to be marked as critical. -- Kind Regards / S pozdravom Jaroslav Imrich http://www.jariq.sk
