[openssl-users] Problems with server mode of openssl ocsp
rgm at htt-consult.com
Thu Sep 7 19:20:15 UTC 2017
Good progress. A few questions:
The sample server test command is:
openssl ocsp -port 127.0.0.1:2560 -text -sha256 \
-index intermediate/index.txt \
-CA intermediate/certs/ca-chain.cert.pem \
-rkey intermediate/private/ocsp.example.com.key.pem \
-rsigner intermediate/certs/ocsp.example.com.cert.pem \
Turns out this is a wrong format for -port. Only the portnum is
allowed, not the host. Turns out that
works as it seems to be listening on localhost. But how DO you set up
which address to listen on? -host seems to be only for client mode, and
I don't see how I would use -url.
The -sha256 option results in the error:
ocsp: Digest must be before -cert or -serial
ocsp: Use -help for summary.
I don't see either -cert or -serial in that command. If I leave the
hash out, it defaults to sha1. How do I specify the hash?
More information about the openssl-users