Maxwell Chandler
Reputation: 642
Verify ocsp response is signed by different key than Issuing CA
Given I have the issuing CAs pem, how would I verify the ocsp response from openssl ocsp is signed by a different key than the one binded to the CA? I am trying to make sure I set up my ocsp responder in EJBCA correctly.
Upvotes: -2
Views: 101
Answers (1)
primetomas
Reputation: 552
You should print the request and response, then you can see in the response what certificates are used to sign it. This is done with the -req_text and -resp_text options, i.e. openssl ocsp -req_text -resp_text
Upvotes: 1
Related Questions
- How does a public key verify a signature?
- How to make openssl ocsp responder busy
- HAproxy gives no OCSP response back: Response not sent
- Authorized responder for an OCSP response not validating with CertPathValidator
- How to get and extract signer's certificate in OCSP Response
- Should I accept an OCSP responder certificate signed by the trust anchor?
- Correct usage of OCSP_basic_verify() in openssl?
- Why aren't OCSP error messages signed?
- How to Send OCSP Request and receive OCSP response on Mobile Phone
- OCSP response parsing error. Error while BER Decoding