Error in request. - Openssl

This is a discussion on Error in request. - Openssl ; > [xx@localhost Servers]$ ./ocsp.response > openssl ocsp -issuer /dir/cacert.pem -cert /dir/newcerts/07.pem -url http://domain.com/ca/ocsp?CAId=0 -text -respout resp.der -CAfile /dir/localCAs.pem > OCSP Request Data: > Version: 1 (0x0) > Requestor List: > Certificate ID: > Hash Algorithm: sha1 > Issuer Name Hash: ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: Error in request.

  1. Error in request.

    > [xx@localhost Servers]$ ./ocsp.response
    > openssl ocsp -issuer /dir/cacert.pem -cert /dir/newcerts/07.pem -url http://domain.com/ca/ocsp?CAId=0 -text -respout resp.der -CAfile /dir/localCAs.pem
    > OCSP Request Data:
    > Version: 1 (0x0)
    > Requestor List:
    > Certificate ID:
    > Hash Algorithm: sha1
    > Issuer Name Hash: 841834A620158013AAA2F20AA6A983371B9F9607
    > Issuer Key Hash: 0F2C419BE6F7B3D59B93808561F885096DA010EC
    > Serial Number: 07
    > Request Extensions:
    > OCSP Nonce:
    > 0410852349544418C4E44C4CA51DB6C680F9
    > Error querying OCSP responsder
    > 15530:error:27070072:OCSP routines:OCSP_sendreq_bio:server response errorcsp_ht.c:147:Code=404,Reason=Not Found
    > [xx@localhost Servers]$
    > [xx@localhost Servers]$ lynx http://domain.com/ca/ocsp?CAId=0


    This seems to be HTTP 404, code.
    No logs in Apache about openssl request. Works with other clients Firefox ocsp request, lynx with the same URI.
    With openssl as server works, -url http://domain.com:800.

    I do not know the reason.But Seems a bug.



    --




    --
    Publicidad http://www.pas-world.com
    __________________________________________________ ____________________
    OpenSSL Project http://www.openssl.org
    User Support Mailing List openssl-users@openssl.org
    Automated List Manager majordomo@openssl.org


  2. Re: Error in request.

    http uses port 80 by default, and I'm seeing no port number in the
    initial -url parameter. What is listening on port 80? Your later
    statement about openssl as server includes a ':800' port
    specification.

    Also, what is 'domain.com'? It would help if we could query what
    you're seeing ourselves to figure out what's happening -- or at least
    have enough information that we can set up an equivalent test
    platform. (domain.com is a domain registrar, and I doubt they're
    running an OCSP server.)

    -Kyle H

    On Fri, May 23, 2008 at 10:15 AM, F. wrote:
    >> [xx@localhost Servers]$ ./ocsp.response
    >> openssl ocsp -issuer /dir/cacert.pem -cert /dir/newcerts/07.pem -url http://domain.com/ca/ocsp?CAId=0 -text -respout resp.der -CAfile /dir/localCAs.pem
    >> OCSP Request Data:
    >> Version: 1 (0x0)
    >> Requestor List:
    >> Certificate ID:
    >> Hash Algorithm: sha1
    >> Issuer Name Hash: 841834A620158013AAA2F20AA6A983371B9F9607
    >> Issuer Key Hash: 0F2C419BE6F7B3D59B93808561F885096DA010EC
    >> Serial Number: 07
    >> Request Extensions:
    >> OCSP Nonce:
    >> 0410852349544418C4E44C4CA51DB6C680F9
    >> Error querying OCSP responsder
    >> 15530:error:27070072:OCSP routines:OCSP_sendreq_bio:server response errorcsp_ht.c:147:Code=404,Reason=Not Found
    >> [xx@localhost Servers]$
    >> [xx@localhost Servers]$ lynx http://domain.com/ca/ocsp?CAId=0

    >
    > This seems to be HTTP 404, code.
    > No logs in Apache about openssl request. Works with other clients Firefox ocsp request, lynx with the same URI.
    > With openssl as server works, -url http://domain.com:800.
    >
    > I do not know the reason.But Seems a bug.
    >
    >
    >
    > --
    >
    >
    >
    >
    > --
    > Publicidad http://www.pas-world.com
    > __________________________________________________ ____________________
    > OpenSSL Project http://www.openssl.org
    > User Support Mailing List openssl-users@openssl.org
    > Automated List Manager majordomo@openssl.org
    >

    __________________________________________________ ____________________
    OpenSSL Project http://www.openssl.org
    User Support Mailing List openssl-users@openssl.org
    Automated List Manager majordomo@openssl.org


+ Reply to Thread