Problem checking certificate with OCSP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Mon, Oct 05, 2015, Walter H. wrote:

> Hello,
> 
> attached is the certificate and its chain of  https://revoked.grc.com/
> 
> doing this:
> 
> openssl ocsp -no_nonce -issuer chain.pem -cert cert.pem -text -url
> http://ocsp2.globalsign.com/gsdomainvalg2
> 
> goves the following:
> 
> OCSP Request Data:
>     Version: 1 (0x0)
>     Requestor List:
>         Certificate ID:
>           Hash Algorithm: sha1
>           Issuer Name Hash: 45658DA20174402FF48B3A6AC0BC69208095C7CA
>           Issuer Key Hash: 96ADFAB05BB983642A76C21C8A69DA42DCFEFD28
>           Serial Number: 112155688D380775DA34C5DF97433ED3F6A7
> Error querying OCSP responsder
> 139928584042312:error:27076072:OCSP routines:PARSE_HTTP_LINE1:server response
> error:ocsp_ht.c:250:Code=403,Reason=Forbidden
> 
> where is the problem for this strange error?
> 

Some OCSP responders need the host header, try adding: 

	 -header Host ocsp2.globalsign.com

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux