<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=utf-8">
<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:dt="uuid:C2F41010-65B3-11d1-A29F-00AA00C14882" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta name="Microsoft Theme 2.00" content="Network 011"><meta name=Generator content="Microsoft Word 15 (filtered medium)"><!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:DengXian;
panose-1:2 1 6 0 3 1 1 1 1 1;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:"Trebuchet MS";
panose-1:2 11 6 3 2 2 2 2 2 4;}
@font-face
{font-family:"Myriad Pro";
panose-1:2 11 5 3 3 4 3 2 2 4;}
@font-face
{font-family:"\@DengXian";
panose-1:2 1 6 0 3 1 1 1 1 1;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Trebuchet MS",sans-serif;
color:black;}
h1
{mso-style-priority:9;
mso-style-link:"Heading 1 Char";
margin-top:12.0pt;
margin-right:0in;
margin-bottom:0in;
margin-left:0in;
margin-bottom:.0001pt;
page-break-after:avoid;
font-size:16.0pt;
font-family:"Trebuchet MS",sans-serif;
color:black;}
h2
{mso-style-priority:9;
mso-style-link:"Heading 2 Char";
margin-top:2.0pt;
margin-right:0in;
margin-bottom:0in;
margin-left:0in;
margin-bottom:.0001pt;
page-break-after:avoid;
font-size:14.0pt;
font-family:"Trebuchet MS",sans-serif;
color:black;
font-weight:normal;}
h3
{mso-style-priority:9;
mso-style-link:"Heading 3 Char";
margin-top:2.0pt;
margin-right:0in;
margin-bottom:0in;
margin-left:0in;
margin-bottom:.0001pt;
page-break-after:avoid;
font-size:13.0pt;
font-family:"Trebuchet MS",sans-serif;
color:black;
font-weight:normal;}
h4
{mso-style-priority:9;
mso-style-link:"Heading 4 Char";
margin-top:2.0pt;
margin-right:0in;
margin-bottom:0in;
margin-left:0in;
margin-bottom:.0001pt;
page-break-after:avoid;
font-size:14.0pt;
font-family:"Trebuchet MS",sans-serif;
color:black;
font-weight:normal;}
h5
{mso-style-priority:9;
mso-style-link:"Heading 5 Char";
margin-top:2.0pt;
margin-right:0in;
margin-bottom:0in;
margin-left:0in;
margin-bottom:.0001pt;
page-break-after:avoid;
font-size:13.0pt;
font-family:"Trebuchet MS",sans-serif;
color:black;
font-weight:normal;}
h6
{mso-style-priority:9;
mso-style-link:"Heading 6 Char";
margin-top:2.0pt;
margin-right:0in;
margin-bottom:0in;
margin-left:0in;
margin-bottom:.0001pt;
page-break-after:avoid;
font-size:11.0pt;
font-family:"Trebuchet MS",sans-serif;
color:black;
font-weight:normal;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:#0066CC;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:#999999;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Trebuchet MS",sans-serif;
color:#1F4E79;
font-weight:normal;
font-style:normal;}
span.Heading1Char
{mso-style-name:"Heading 1 Char";
mso-style-priority:9;
mso-style-link:"Heading 1";
font-family:"Trebuchet MS",sans-serif;
color:black;
font-weight:bold;}
span.Heading2Char
{mso-style-name:"Heading 2 Char";
mso-style-priority:9;
mso-style-link:"Heading 2";
font-family:"Trebuchet MS",sans-serif;
color:black;}
span.Heading3Char
{mso-style-name:"Heading 3 Char";
mso-style-priority:9;
mso-style-link:"Heading 3";
font-family:"Trebuchet MS",sans-serif;
color:black;}
span.Heading4Char
{mso-style-name:"Heading 4 Char";
mso-style-priority:9;
mso-style-link:"Heading 4";
font-family:"Trebuchet MS",sans-serif;
color:black;}
span.Heading5Char
{mso-style-name:"Heading 5 Char";
mso-style-priority:9;
mso-style-link:"Heading 5";
font-family:"Trebuchet MS",sans-serif;
color:black;}
span.Heading6Char
{mso-style-name:"Heading 6 Char";
mso-style-priority:9;
mso-style-link:"Heading 6";
font-family:"Trebuchet MS",sans-serif;
color:black;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri",sans-serif;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body bgcolor=white background="cid:image001.gif@01D53B2B.A63C7470" lang=EN-US link="#0066CC" vlink="#999999"><img src="cid:image001.gif@01D53B2B.A63C7470" v:src="cid:image001.gif@01D53B2B.A63C7470" v:shapes="_x0000_Mail" width=0 height=0 class=shape style='display:none;width:0;height:0'><!--[if gte mso 9]><xml>
<v:background id="_x0000_s1025" o:bwmode="white" o:targetscreensize="1024,768">
<v:fill src="cid:image001.gif@01D53B2B.A63C7470" o:title="netbkgnd" type="frame" />
</v:background></xml><![endif]--><div class=WordSection1><p class=MsoNormal><span style='color:#1F4E79'>Hi All,<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F4E79'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:#1F4E79'>I’m trying to get an OCSP server operating in an SSL (really TLS1.2) environment. It works fine in the HTTP world, but I’m having issues with getting s_server to handle the communication in the Secure HTTPS world.<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F4E79'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:#1F4E79'>If anyone has any suggestions to get the connection to persist I’d be VERY appreciative!<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F4E79'><o:p> </o:p></span></p><p class=MsoNormal><span style='color:#1F4E79'>This is what I’m seeing:<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F4E79'><o:p> </o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>--- Using OpenSSL v1.1.1c to enable TLS on Port 8902 ---<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'><o:p> </o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>C:\OpenSSL-Win64\bin>openssl s_server -port 8902 -4 -certform PEM -cert "C:\OpenSSL-Win64\bin\PEM\test.cer" -cert_chain C:\OpenSSL-Win64\bin\PEM\DigiCertTrustChain.cer -keyform PEM -pass pass:password -key "C:\OpenSSL-Win64\bin\PEM\test_key.pem" -status_verbose<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'><o:p> </o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>Using default temp DH parameters<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>ACCEPT<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'><o:p> </o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>cert_status: callback called<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>cert_status: AIA URL: http://ocsp.digicert.com<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>cert_status: Can't retrieve issuer certificate.<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>-----BEGIN SSL SESSION PARAMETERS-----<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>MFoCAQECAgMDBALAMAQABDBt6uS6sCfohxxHvmv7hPIXRbjKzDqNJqoCpymZR1qc<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>CpGHf1mBjQ5/B32R7/aXl8mhBgIEXS0L6KIEAgIcIKQGBAQBAAAArQMCAQE=<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>-----END SSL SESSION PARAMETERS-----<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>Shared ciphers:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES256-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>Signature Algorithms: RSA+SHA256:RSA+SHA384:RSA+SHA1:ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA1:DSA+SHA1:RSA+SHA512:ECDSA+SHA512<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>Shared Signature Algorithms: RSA+SHA256:RSA+SHA384:RSA+SHA1:ECDSA+SHA256:ECDSA+SHA384:ECDSA+SHA1:DSA+SHA1:RSA+SHA512:ECDSA+SHA512<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>Supported Elliptic Curve Point Formats: uncompressed<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>Supported Elliptic Groups: X25519:P-256:P-384<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>Shared Elliptic groups: X25519:P-256:P-384<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>---<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>No server certificate CA names sent<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>CIPHER is ECDHE-RSA-AES256-GCM-SHA384<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>Secure Renegotiation IS supported<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>POST / HTTP/1.1<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>Accept: */*<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>Content-Type: application/ocsp-request<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>Content-Length: 143<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>Character-Encoding: binary<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>User-Agent: PPKHandler<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>Host: gemma.adobe.com:8902<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>Connection: Keep-Alive<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>Cache-Control: no-cache<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>Cookie: AAMC_adobe_0=REGION%7C9; s_nr=1562971576381-Repeat; adcloud={%22_les_v%22:%22y%2Cadobe.com%2C1564005807%22}; AMCV_9E1005A551ED61CA0A490D45%40AdobeOrg=-1303530583%7CMCAID%7C2D05BCDE05032D0E-40001185A003F0F0%7CMCMID%7C06088709957453939181689303953590820094%7CMCAAMLH-1563576332%7C9%7CMCAAMB-1563576332%7Cj8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI%7CMCOPTOUT-1562978727s%7CNONE%7CvVersion%7C3.3.0%7CMCIDTS%7C18072%7CMCSYNCSOP%7C411-18079%7CMCCIDH%7C1521286796; mbox=PC#ddd404f9c1d0418ba9692aaf983e9e03.28_36#1626216329|session#7b3f3fbfb1504526acdb639358290766#1562973437; s_vi=[CS]v1|2D05BCDE05032D0E-40001185A003F0F0[CE]; _fbp=fb.1.1561413807767.1078876052<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'><o:p> </o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>0<br>� +�00� +�0<span style='font-size:12.0pt;font-family:"Trebuchet MS",sans-serif;color:#1F4E79;mso-fareast-language:ZH-CN'>[1]</span><hr align=left size=1>�<hr align=left size=1>ƒ°â</span><span lang=ZH-CN style='font-family:DengXian;color:#1F4E79'>█</span><span style='color:#1F4E79'>g</span><span lang=ZH-CN style='font-family:DengXian;color:#1F4E79'>┘</span><span style='font-family:"Arial",sans-serif;color:#1F4E79'>⌐</span><span lang=ZH-CN style='font-family:DengXian;color:#1F4E79'>├</span><span style='color:#1F4E79'>Z<₧é</span><span lang=ZH-CN style='font-family:DengXian;color:#1F4E79'>╚</span><span style='color:#1F4E79'> @ERROR<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>shutting down SSL<o:p></o:p></span></p><p class=MsoNormal style='margin-left:.5in'><span style='color:#1F4E79'>CONNECTION CLOSED<o:p></o:p></span></p><p class=MsoNormal><span style='color:#1F4E79'><o:p> </o:p></span></p><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#365F91'><o:p> </o:p></span></p><table class=MsoNormalTable border=0 cellspacing=0 cellpadding=0 style='border-collapse:collapse'><tr><td width=109 valign=bottom style='width:81.9pt;border-top:solid windowtext 1.0pt;border-left:none;border-bottom:none;border-right:solid black 1.0pt;padding:0in 5.4pt 0in 5.4pt'><p class=MsoNormal align=center style='text-align:center;line-height:115%'><span style='font-size:11.0pt;line-height:115%;font-family:"Calibri",sans-serif;color:#365F91'><img width=68 height=87 style='width:.7083in;height:.9062in' id="Picture_x0020_1" src="cid:image002.gif@01D53B2B.A63C7470" alt="Description: Description: cid:977323607@08042008-1EBD"></span><span style='font-size:11.0pt;line-height:115%;font-family:"Times New Roman",serif;color:#365F91'><o:p></o:p></span></p><p class=MsoNormal align=center style='text-align:center;line-height:115%'><span style='font-size:11.0pt;line-height:115%;font-family:"Times New Roman",serif;color:#365F91'><o:p> </o:p></span></p></td><td width=192 valign=top style='width:2.0in;border:none;border-top:solid windowtext 1.0pt;padding:0in 5.4pt 0in 5.4pt'><p class=MsoNormal style='line-height:115%'><b><span style='font-size:9.5pt;line-height:115%;font-family:"Myriad Pro",sans-serif;color:#365F91'>Steven Madwin</span></b><b><span style='font-size:9.5pt;line-height:115%;font-family:"Myriad Pro",sans-serif;color:#365F91'><o:p></o:p></span></b></p><p class=MsoNormal style='line-height:115%'><span style='font-size:9.5pt;line-height:115%;font-family:"Myriad Pro",sans-serif;color:#365F91'>Software PKI Engineer<o:p></o:p></span></p><p class=MsoNormal style='line-height:115%'><span style='font-size:9.5pt;line-height:115%;font-family:"Myriad Pro",sans-serif;color:#365F91'>Adobe Inc.<o:p></o:p></span></p><p class=MsoNormal style='line-height:115%'><span style='font-size:9.5pt;line-height:115%;font-family:"Myriad Pro",sans-serif;color:#365F91'>345 Park Avenue, MS-W15<o:p></o:p></span></p><p class=MsoNormal style='line-height:115%'><span style='font-size:9.5pt;line-height:115%;font-family:"Myriad Pro",sans-serif;color:#365F91'>San Jose, CA 95110-2704 USA<o:p></o:p></span></p><p class=MsoNormal style='line-height:115%'><span style='font-size:9.5pt;line-height:115%;font-family:"Myriad Pro",sans-serif;color:#365F91'>Phone: 408.536.4343<o:p></o:p></span></p><p class=MsoNormal style='line-height:115%'><span style='font-size:9.5pt;line-height:115%;font-family:"Myriad Pro",sans-serif;color:#365F91'>Fax: 408.536.6024<o:p></o:p></span></p><p class=MsoNormal style='line-height:115%'><span style='font-size:11.0pt;line-height:115%;font-family:"Calibri",sans-serif;color:#365F91'><a href="mailto:Steven.Madwin@adobe.com"><span style='font-size:9.5pt;line-height:115%;font-family:"Myriad Pro",sans-serif;color:blue'>Steven.Madwin@adobe.com</span></a></span><b><span style='font-size:9.5pt;line-height:115%;font-family:"Myriad Pro",sans-serif;color:#365F91'><o:p></o:p></span></b></p></td></tr></table><p class=MsoNormal><span style='font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F4E79'><o:p> </o:p></span></p><p class=MsoNormal><o:p> </o:p></p></div></body></html>