Menu
▾
▴
[Ejbca-develop] External OCSP Responder issue
|
From: M.G.R <mg....@ni...> - 2013-02-20 06:43:40
|
I have setup the External OCSP Responder by using the OCSP Installation guide. but while publish using the Publisher Type -> Validation Authority Publisher with ocsp database is not updating. So I have manually inserted the CA certificate and user certificate issued by that CA. Then, I have requested for the OCSP Response using openssl ocsp client. It shows the following error. Please give any soln for this issue. Input Error: $ openssl ocsp -issuer AdminCA1.pem -cert ramesh.pem -url http://10.163.14.120:8080/ejbca/publicweb/status/ocsp -respout resp.der -no_cert_verify Error querying OCSP responsder Output Error: 2013-02-20 10:30:13,674 INFO [org.ejbca.core.protocol.ocsp.standalonesession.SigningEntityContainer] (http-0.0.0.0-8080-1) No card password specified. 2013-02-20 10:30:14,175 WARN [org.ejbca.core.protocol.ocsp.standalonesession.SigningEntityContainer] (http-0.0.0.0-8080-1) You have not specified ocsp.p11.p11password at build time. So you need to do a manual activation. 2013-02-20 10:30:14,175 ERROR [org.ejbca.core.protocol.ocsp.standalonesession.SigningEntityContainer] (http-0.0.0.0-8080-1) No valid keys. Key directory /home/otc/ejbca/jboss-5.1.0.GA/bin/keys. No P11 defined. 2013-02-20 10:30:14,175 INFO [org.ejbca.ui.web.protocol.OCSPServletBase] (http-0.0.0.0-8080-1) Received OCSP request for certificate with serNo: 33f74ee237b19e46, and issuerNameHash: 4145f8a5ccf07e01ebf1d22d40a1e29392b1e02e. Client ip 10.163.14.120. 2013-02-20 10:30:14,186 INFO [org.ejbca.ui.web.protocol.OCSPServletBase] (http-0.0.0.0-8080-1) Adding status information (good) for certificate with serial '33f74ee237b19e46' from issuer 'CN=AdminCA1,O=EJBCA Sample,C=SE'. 2013-02-20 10:30:24,188 ERROR [org.ejbca.ui.web.protocol.OCSPServletBase] (http-0.0.0.0-8080-1) Error processing OCSP request. Message: No ocsp signing key for caid -1688117755. org.ejbca.core.model.ca.caadmin.extendedcaservices.ExtendedCAServiceNotActiveException: No ocsp signing key for caid -1688117755 at org.ejbca.core.protocol.ocsp.standalonesession.StandAloneSession.extendedService(StandAloneSession.java:390) at org.ejbca.ui.web.protocol.OCSPServletStandAlone.extendedService(OCSPServletStandAlone.java:131) at org.ejbca.ui.web.protocol.OCSPServletBase.signOCSPResponse(OCSPServletBase.java:228) at org.ejbca.ui.web.protocol.OCSPServletBase.serviceOCSP(OCSPServletBase.java:934) at org.ejbca.ui.web.protocol.OCSPServletBase.doPost(OCSPServletBase.java:380) at javax.servlet.http.HttpServlet.service(HttpServlet.java:637) at javax.servlet.http.HttpServlet.service(HttpServlet.java:717) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:433) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126) at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:829) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:598) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Thread.java:679) -- View this message in context: http://old.nabble.com/External-OCSP-Responder-issue-tp35044907p35044907.html Sent from the EjbCA - Dev mailing list archive at Nabble.com. |
