[Pki-users] ocsp doesn't work on the client side - "OCSP response signature invalid"
Ricardo Alexander Perez Ricardez
rperez at osh.com.mx
Thu Sep 15 20:12:21 UTC 2016
Error: "OCSP response signature invalid"
On the server side I have configured an instance of pki working properly, I have two subsystems a CA, and OCSP.
On the client side I have a valid certificate that I use to sign a PDF document
In Adobe Reader or Adobe Acrobat I perform the following steps:
1. Signing a PDF document
2. Validate Signature
3. I receive the message: "The validity of the signature is unknown"
4. Click on: Check the properties of signature
5. Click on: Show signer certificate
6. Click: Revocation tab
The following message is displayed:
We attempted to determine whether the certificate is valid by performing a revocation check using the protocol online certificate status (OCSP Online Certificate Status Protocol).
The OCSP response was signed by "OCSP Signing CA Certificate" on 2016/09/15 14:53:06 -05'00 '.
Click Details signer for more information on the source of the revocation information.
Click trouble seeing the problems encountered when performing this check revocation.
6. Click on: Problems Found
7. I get the message: "OCSP response signature invalid"
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-users/attachments/20160915/c2a8b44a/attachment.htm>
More information about the Pki-users
mailing list