Problems verifying OCSP signatures

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 03.01.2015 18:16, Richard Moore wrote:
> I've now got this working, though to do so I seem to have to take the 
> certificates supplied in the OCSP response directly out of the certs 
> field of the OCSP_BASICRESP and add these as intermediates for the 
> verification too. It feels bad to directly access the internals of 
> this struct but there doesn't seem to be another way (unless someone 
> can enlighten me).
>
> Cheers
>
> Rich.
the certificate you want to test its validity with OCSP has the same 
intermediate CA cert. as the OCSP responder certificate you use in OCSP 
response

Walter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.opensslfoundation.net/pipermail/openssl-users/attachments/20150103/e7e722f2/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5971 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mta.opensslfoundation.net/pipermail/openssl-users/attachments/20150103/e7e722f2/attachment-0001.bin>


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux