Hi to all
I am trying to validade client Certs using Apache and a OCSP responder. Iam
having this error on error log:
(I can successfully validate the cert if using openssl command line, but not
using Apache)
[Fri Jul 16 16:02:11.201292 2010] [debug] [pid 21789] proxy_util.c(1962):
proxy: initialized single connection worker 1 in child 21789 for (*)
[Fri Jul 16 16:02:27.399755 2010] [debug] [pid 21783] ssl_util_ocsp.c(79):
[client 10.14.148.50:54752] connecting to OCSP responder
'ocsp.auc.cartaodecidadao.pt'
[Fri Jul 16 16:02:27.614470 2010] [debug] [pid 21783] ssl_util_ocsp.c(105):
[client 10.14.148.50:54752] sending request to OCSP responder
[Fri Jul 16 16:02:28.566401 2010] [debug] [pid 21783] ssl_util_ocsp.c(209):
[client 10.14.148.50:54752] OCSP response header: Date: Fri, 16 Jul 2010
14:51:24 GMT
[Fri Jul 16 16:02:28.566469 2010] [debug] [pid 21783] ssl_util_ocsp.c(209):
[client 10.14.148.50:54752] OCSP response header: Server: Apache
[Fri Jul 16 16:02:28.566505 2010] [debug] [pid 21783] ssl_util_ocsp.c(209):
[client 10.14.148.50:54752] OCSP response header: X-Powered-By: Servlet 2.4;
JBoss-4.0.5.GA
(build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
[Fri Jul 16 16:02:28.566542 2010] [debug] [pid 21783] ssl_util_ocsp.c(209):
[client 10.14.148.50:54752] OCSP response header: Expires: Fri, 16 Jul 2010
14:53:24 GMT
[Fri Jul 16 16:02:28.566576 2010] [debug] [pid 21783] ssl_util_ocsp.c(209):
[client 10.14.148.50:54752] OCSP response header: Cache-Control: max-age=120
[Fri Jul 16 16:02:28.566617 2010] [debug] [pid 21783] ssl_util_ocsp.c(209):
[client 10.14.148.50:54752] OCSP response header: Content-Length: 2530
[Fri Jul 16 16:02:28.566643 2010] [debug] [pid 21783] ssl_util_ocsp.c(209):
[client 10.14.148.50:54752] OCSP response header: Connection: close
[Fri Jul 16 16:02:28.566682 2010] [debug] [pid 21783] ssl_util_ocsp.c(209):
[client 10.14.148.50:54752] OCSP response header: Content-Type:
application/ocsp-response
[Fri Jul 16 16:02:28.566720 2010] [debug] [pid 21783] ssl_util_ocsp.c(252):
[client 10.14.148.50:54752] OCSP response: got 1127 bytes, 1127 total
[Fri Jul 16 16:02:28.569926 2010] [debug] [pid 21783] ssl_util_ocsp.c(252):
[client 10.14.148.50:54752] OCSP response: got 1403 bytes, 2530 total
[Fri Jul 16 16:02:28.569991 2010] [debug] [pid 21783] ssl_util_ocsp.c(235):
[client 10.14.148.50:54752] OCSP response: got EOF
[Fri Jul 16 16:02:28.578764 2010] [error] [pid 21783] SSL Library Error:
error:27069070:OCSP routines:OCSP_basic_verify:root ca not trusted
[Fri Jul 16 16:02:28.578810 2010] [error] [pid 21783] failed to verify the OCSP
response
[Fri Jul 16 16:02:28.578927 2010] [error] [pid 21783] [client
10.14.148.50:54752] Certificate Verification: Error (50): application
verification failure
Hotmail: Trusted email with powerful SPAM protection. Sign up now.
_________________________________________________________________
Hotmail: Trusted email with powerful SPAM protection.
https://signup.live.com/signup.aspx?id=60969
