[Pki-users] ocsp doesn't work on the client side - "OCSP response signature invalid"
John Magne
jmagne at redhat.com
Tue Sep 20 18:02:37 UTC 2016
Is your CA being trusted by the Adobe application in question?
----- Original Message -----
From: "Ricardo Alexander Perez Ricardez" <rperez at osh.com.mx>
To: pki-users at redhat.com
Sent: Thursday, September 15, 2016 1:12:21 PM
Subject: [Pki-users] ocsp doesn't work on the client side - "OCSP response signature invalid"
Error: "OCSP response signature invalid"
On the server side I have configured an instance of pki working properly, I have two subsystems a CA, and OCSP.
On the client side I have a valid certificate that I use to sign a PDF document
In Adobe Reader or Adobe Acrobat I perform the following steps:
1. Signing a PDF document
2. Validate Signature
3. I receive the message: "The validity of the signature is unknown"
4. Click on: Check the properties of signature
5. Click on: Show signer certificate
6. Click: Revocation tab
The following message is displayed:
We attempted to determine whether the certificate is valid by performing a revocation check using the protocol online certificate status (OCSP Online Certificate Status Protocol).
The OCSP response was signed by "OCSP Signing CA Certificate" on 2016/09/15 14:53:06 -05'00 '.
Click Details signer for more information on the source of the revocation information.
Click trouble seeing the problems encountered when performing this check revocation.
6. Click on: Problems Found
7. I get the message: "OCSP response signature invalid"
_______________________________________________
Pki-users mailing list
Pki-users at redhat.com
https://www.redhat.com/mailman/listinfo/pki-users
More information about the Pki-users
mailing list