[openssl-users] Manually checking against ocsp.comodoca.com producess an error

Усманов Азат Анварович usmanov at ieml.ru
Thu Oct 18 10:08:58 UTC 2018


Hi! I'm trying to manually check ocsp with ocsp utility with OpenSSL 1.1.1 ,I'm receiving an error

 openssl version
OpenSSL 1.1.1  11 Sep 2018


 openssl ocsp -no_nonce -header Host=ocsp.comodoca.com -issuer issuer.crt -cert /home/idis/STAR_ieml_ru.crt -url http://ocsp.comodoca.com/ -CAfile issuer.crt
Error querying OCSP responder
140179987232512:error:27076072:OCSP routines:parse_http_line1:server response error:crypto/ocsp/ocsp_ht.c:260:Code=301
when I try to access ocsp.url via wget I get strange result

# wget http://ocsp.comodoca.com/
--2018-10-18 12:57:53--  http://ocsp.comodoca.com/
Устанавливается соединение с 192.168.1.2:3128... соединение установлено.
Запрос Proxy послан, ожидается ответ... 200 OK
Длина: 5 [application/ocsp-response]
Saving to: «index.html.8»

100%[===================================================================================================================================================================================================>] 5           --.-K/s   в 0s

2018-10-18 12:57:54 (483 KB/s) - «index.html.8» saved [5/5]

[root] ~# less index.html.8
0^C
^A^A
index.html.8 (END)

Any idea what is going on here?

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20181018/2a7f510b/attachment.html>


More information about the openssl-users mailing list