OCSP response signature algorithm
John Jiang
john.sha.jiang at gmail.com
Sun Jul 5 22:15:30 UTC 2020
I just want to know how does OpenSSL implement RFC 6960 section 4.4.7.2
Responder Signature Algorithm Selection.
Could I take a OpenSSL responder to use SHA1withRSA signature algorithm
if the certificate is signed by this algorithm?
[1] https://tools.ietf.org/html/rfc6960#section-4.4.7.2
On Sat, Jul 4, 2020 at 12:18 AM John Jiang <john.sha.jiang at gmail.com> wrote:
> Hi,
> I'm using OpenSSL 1.1.1.
>
> Can I configure the OCSP response signature algorithm?
> For a RSA issuer, it looks SHA256withRSA always be selected.
>
> PreferredSignatureAlgorithms extension in OCSP request may affect this
> algorithm in OpenSSL OCSP response. However, I prefer to use configuration.
>
> Thanks!
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20200706/8a2d027a/attachment-0001.html>
More information about the openssl-users
mailing list