The short answers is no. An OCSP response has to be signed by the issuer (or a delegate of the issuer) and a self-signed cert is issued by itself. As a general rule certs can't revoke themselves so there is no need to get a revocation response for a self-signed cert.
Steve -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of redpath Sent: Tuesday, July 23, 2013 10:27 AM To: [email protected] Subject: OCSP and self signed I was wondering about self signed certs. If I run the test OCSP it needs to know the CA cert but there is no CA cert. So can a OCSP responder work for self signed certs. -- View this message in context: http://openssl.6102.n7.nabble.com/OCSP-and-self-signed-tp45918.html Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected]
smime.p7s
Description: S/MIME cryptographic signature
