Dr S N Henson wrote:
I managed the ocspd server to respond to the psm, anyway I get an error
into the HTTP reported format by psm. I don't know if this is related
to the response itself (and the reported error is not specific for the
response) or is a simple error in the HTTP syntax.
Here is what I send out BEFORE sending the DER encoded response:
HTTP/1.0 200 OK
Content-type: application/ocsp-response
Content-Length: 410
And then follows the response.
Some hint on OCSP support into netscape and mozilla:
o All requests are Version 1 (0x0);
o Netscape PSM is capable of requesting to ports
different from the 80 while Mozilla does not
correctly read the URL and uses only Port 80;
o Mozilla verifies all certificates when using
the prefs/security../manage certificates option
while Netscape PSM let you verify each certificate
separately;
More tests needed, anyway. Just a question about OCSP responders available:
someone has some URL for testing proposes ? If someone is interested in
seeing a very ugly piece of code (just testing, needs major work...)
I hope I will manage to put it onto the web within tomorrow at OpenCA
(guess the module name ... OpenCA-OCSPD ).
--
C'you,
Massimiliano Pala
--o-------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager] [EMAIL PROTECTED]
[EMAIL PROTECTED]
http://www.openca.org Tel.: +39 (0)59 270 094
http://openca.sourceforge.net Mobile: +39 (0)347 7222 365
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
