Highest Voted 'ocsp' Questions

2

votes

1 answer

Does X590Certificate.Build use OCSP if ChainPolicy RevocationMode Online is used?

If you have code like the following: is OCSP used for the 'online' revocation check? X509Chain ch = new X509Chain(); ch.ChainPolicy.RevocationMode = X509RevocationMode.Online; ch.Build (certificate); The API documentation is not explicit about…

asked May 28 '19 at 11:48

Malcolm Tucker's Wyvern

21
2

2

votes

1 answer

How to create ocsp request using openssl in c++?

I am trying to send a ocsp request to an ocsp server using C++, but I can't find anything to prepare the request. In the documentation I found the following functions long SSL_get_tlsext_status_ocsp_resp(ssl, unsigned char **resp); long…

c++ openssl ocsp

asked May 22 '19 at 09:16

pape

21
1
3

2

votes

0 answers

Java SSL OCSP checks fail to validate the entire chain of trust with Certificate does not specify OCSP responder

I have a Java application that recently moved to SSL and it has a problem when performing checks on all certificates in the chain of trust, but works fine when I set it to check the server certification only. Checks are performed using OCSP only…

java ssl ocsp

asked Feb 03 '19 at 20:19

Alin

111
1
10

2

votes

2 answers

Java OCSP Client using openSSL

my requirement is like that, I have a Client CA certificate in my machine, and I am getting a customer CA cert's encoded data from a request message's header. I have to validate the customar CA through Java-OCSP using openSSL. Can anybody help me in…

java openssl ocsp

asked Mar 03 '11 at 15:08

suman

21
1
2

2

votes

0 answers

BouncyCastle Timestamp with OCSP embedded

There: I am building TimeStamp Authorization by BouncyCastle (c#), everything is ok, however, I can't figure out how I can embed OCSP response when sign by timestamp key, by default, it just use CRL which defined in timestamp…

c# timestamp bouncycastle ocsp

asked Jul 09 '18 at 05:36

Box Very

418
4
14

2

votes

0 answers

Does WCF client support OCSP stapling?

I'm calling a SOAP service with a .Net WCF proxy client class. Is it possible to improve CRL checking performance by using OCSP stapling? I have looked at the X509ServiceCertificateAuthentication.RevocationMode property but that only supports the…

c# wcf security ssl ocsp

asked May 09 '18 at 15:29

StefanOS

2,718
2
25
27

2

votes

1 answer

Apache client authentication OCSP responder issue

I'm having an issue with setting up Apache 2.4.29 on Windows for client authentication with a working OCSP responder. Client authentication works fine when the OCSP responder is turned off. I am also able to verify my client certificate status is…

apache ssl openssl ocsp ssl-client-authentication

asked Mar 11 '18 at 15:59

jbaranski

1,214
2
15
21

2

votes

1 answer

Java Web Start: Certificate does not specify OCSP responder

I try to connect with Java 8 via HTTPS to a JNLP file on a an intranet server which has a self-signed TLS certificate. When Java Web Start tries to load the first resource (a file from that server) specified in the JNLP try, it throws an…

java-web-start ocsp

asked Aug 23 '17 at 09:52

Marcus

1,857
4
22
44

2

votes

1 answer

how to use proxy in OCSP request

I need to validate X509 Certificate using OCSP using http proxy. Here is my code: List certificates = Collections.singletonList(certificate); CertPath cp = factory.generateCertPath(certificates); …

java proxy ocsp

asked Apr 25 '17 at 12:29

Loginus

151
8

2

votes

0 answers

Sign PDF with itextsharp: Embed multiple OCSP Responses

I want to sign PDF Files with itextsharp. Since now, i embedded the CRLs into the Signature. This has made my PDF really huge. A 300 KB PDF went up to over 1 MB in size. So i decided to embed the OCSP-Responses instead of the CRLs. Here is the…

c# pdf itext digital-signature ocsp

asked Dec 08 '16 at 21:42

daprodigy23

21
3

2

votes

1 answer

Does haproxy support OCSP for client certificate validation

We are configuring HAProxy to force require Client Certificate Validation. This works well. However, we couldn't find much information about OCSP support specifically for client certificate validation. There are information about Certificate…

ssl ssl-certificate haproxy client-certificates ocsp

asked Nov 08 '16 at 18:28

Hari Chandrasekhar

43
4

2

votes

0 answers

Apache httpd - OCSP-Stapling - ssl:error AH02217

Introduction I want to configure OCSP Stapling for my httpd service, which is running in this version: [root@localhost ~]# httpd -v Server version: Apache/2.4.6 (CentOS) Server built: Nov 19 2015 21:43:13 I am running this Linux…

apache ssl ssl-certificate httpd.conf ocsp

asked Apr 06 '16 at 12:08

kiltek

3,183
6
47
70

2

votes

1 answer

x509v3 Authority Info Access

Is the AuthorityInfoAccess field mandatory in x509v3? I have some certificates, and I'm trying to do OCSP verification, but they don't seem to have this field when I do openssl x509 -in file.cer -inform DER -text -noout I was wondering if it's not…

x509 ocsp

asked Dec 14 '15 at 22:08

Gakho

603
1
9
18

2

votes

2 answers

How can we do our own Certificate Verification Step in HTTPS

I need to put my own certificate verification step in SSL Handshake when making an HTTPS connection with HttpsURLConnection. I have written my own certificate verification code to verify some property in the host certificates say Certificate…

java ssl https ocsp certificate-revocation

asked Feb 05 '14 at 10:05

Jeewantha

965
1
11
28

2

votes

0 answers

How can I extract a certificate from the OpenSSL default CA bundle by subject or hash?

Is there any way to look up a certificate from OpenSSL's default store if I know the subject or the hash of the one I want, or perhaps if I have a certificate that was signed by it? I can verify the certificate (and thus determine that the issuer is…

openssl x509 ocsp

asked Jan 05 '14 at 09:01

joshlitherland

21
3

Questions tagged [ocsp]