OCSP_basic_verify:certificate verify error (Verify error:unable to get local issuer certificate) ERROR

Thu, 15 Jul 2010 03:00:04 -0700 

Hi,

Can someone help me on this error?
Im using apache 2.3 and trying to configure OCSP to validate client 
cerificates, but Is not working, and theres this errors on apache error_log:

It seems that Apache is not trusting the OCSP responder response, is that true?
Why not?..... what I am doing wrong?


[Wed Jul 14 16:39:45.745806 2010] [debug] [pid 32170] ssl_util_ocsp.c(79): 
[client 10.15.1.45:55268] connecting to OCSP responder 
'ocsp.root.cartaodecidadao.pt'
[Wed Jul 14 16:39:45.866440 2010] [debug] [pid 32170] ssl_util_ocsp.c(105): 
[client 10.15.1.45:55268] sending request to OCSP responder
[Wed Jul 14 16:39:46.101937 2010] [debug] [pid 32170] ssl_util_ocsp.c(209): 
[client 10.15.1.45:55268] OCSP response header: Date: Wed, 14 Jul 2010 15:28:45 
GMT
[Wed Jul 14 16:39:46.102024 2010] [debug] [pid 32170] ssl_util_ocsp.c(209): 
[client 10.15.1.45:55268] OCSP response header: Server: Apache
[Wed Jul 14 16:39:46.102053 2010] [debug] [pid 32170] ssl_util_ocsp.c(209): 
[client 10.15.1.45:55268] OCSP response header: X-Powered-By: Servlet 2.4; 
JBoss-4.0.5.GA (
build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
[Wed Jul 14 16:39:46.102078 2010] [debug] [pid 32170] ssl_util_ocsp.c(209): 
[client 10.15.1.45:55268] OCSP response header: Expires: Wed, 14 Jul 2010 
15:30:45 GMT
[Wed Jul 14 16:39:46.102105 2010] [debug] [pid 32170] ssl_util_ocsp.c(209): 
[client 10.15.1.45:55268] OCSP response header: Cache-Control: max-age=120
[Wed Jul 14 16:39:46.102128 2010] [debug] [pid 32170] ssl_util_ocsp.c(209): 
[client 10.15.1.45:55268] OCSP response header: Content-Length: 2530
[Wed Jul 14 16:39:46.102151 2010] [debug] [pid 32170] ssl_util_ocsp.c(209): 
[client 10.15.1.45:55268] OCSP response header: Connection: close
[Wed Jul 14 16:39:46.102178 2010] [debug] [pid 32170] ssl_util_ocsp.c(209): 
[client 10.15.1.45:55268] OCSP response header: Content-Type: 
application/ocsp-response
[Wed Jul 14 16:39:46.102205 2010] [debug] [pid 32170] ssl_util_ocsp.c(252): 
[client 10.15.1.45:55268] OCSP response: got 1127 bytes, 1127 total
[Wed Jul 14 16:39:46.105479 2010] [debug] [pid 32170] ssl_util_ocsp.c(252): 
[client 10.15.1.45:55268] OCSP response: got 1403 bytes, 2530 total
[Wed Jul 14 16:39:46.105580 2010] [debug] [pid 32170] ssl_util_ocsp.c(235): 
[client 10.15.1.45:55268] OCSP response: got EOF
[Wed Jul 14 16:39:46.106939 2010] [error] [pid 32170] SSL Library Error: 
error:27069065:OCSP routines:OCSP_basic_verify:certificate verify error (Verify 
error:unable t
o get local issuer certificate)
[Wed Jul 14 16:39:46.106992 2010] [error] [pid 32170] failed to verify the OCSP 
response

Regards,
Luis
                                          
_________________________________________________________________
Hotmail: Powerful Free email with security by Microsoft.
https://signup.live.com/signup.aspx?id=60969

Reply via email to