On 03.01.2015 18:16, Richard Moore wrote: > I've now got this working, though to do so I seem to have to take the > certificates supplied in the OCSP response directly out of the certs > field of the OCSP_BASICRESP and add these as intermediates for the > verification too. It feels bad to directly access the internals of > this struct but there doesn't seem to be another way (unless someone > can enlighten me). > > Cheers > > Rich. the certificate you want to test its validity with OCSP has the same intermediate CA cert. as the OCSP responder certificate you use in OCSP response Walter -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.opensslfoundation.net/pipermail/openssl-users/attachments/20150103/e7e722f2/attachment-0001.html> -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 5971 bytes Desc: S/MIME Cryptographic Signature URL: <http://mta.opensslfoundation.net/pipermail/openssl-users/attachments/20150103/e7e722f2/attachment-0001.bin>
