OCSP parsing in client certificate

Beltramini Francesco Francesco.Beltramini at ema.europa.eu
Fri Apr 19 17:18:16 CEST 2013

Ok I see what you mean. 
However, in my first mail I've also specified that: 

openssl x509 -in beltraminif.cer -noout -ocspid -ocsp_uri 
http://crl.ema.europa.eu/ocsp (which is the correct url) 

Do you know what kind of parsing is radius asking to openssl ? 


Francesco Beltramini

-----Original Message-----
From: freeradius-users-bounces+francesco.beltramini=ema.europa.eu at lists.freeradius.org [mailto:freeradius-users-bounces+francesco.beltramini=ema.europa.eu at lists.freeradius.org] On Behalf Of Alan DeKok
Sent: 19 April 2013 13:04
To: FreeRadius users mailing list
Subject: Re: OCSP parsing in client certificate

Beltramini Francesco wrote:
> Alan: does the change log refer to certificates without the proper extensions defined ? Because my situation is slightly different, the clients present a certificate that does contain the OCSP properties. 

  See the debug log.  OpenSSL doesn't think so.  It was showing "(null)"
for the various OCSP fields.

  Alan DeKok.
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

This e-mail has been scanned for all known viruses by European Medicines Agency.

More information about the Freeradius-Users mailing list