I've been banging my head on the wall for the past few days trying to implement OCSP validation in Android. So far in iOS has been easy to implement, but for Android every single piece of informa...

I am using bouncy castle 1.48 to verify certificate validation with OCSP. It works good. But I'm using Ocsp Url as static variable and I want to read it from certificate. Url is written in certific...

How do I make a simple request for certificate revocation status to an EJBCA OSCP Responder using the Python requests library? Example: # Determine if certificate has been revoked ocsp_url = req_...

I am using Nginx to create a secure connection; when I revoked the client certificate, I also can connect to Nginx by https, I know I should config the ssl_crl directives, but I want to use OCSP to...

I'm trying to validate a client certificate on an OCSP server but it fails. This is the command that I'm trying to run: openssl ocsp -issuer test_ca_cert.pem -cert my_test_client_cert.pem -text -...

We can configure OCSP in tomcat using, <Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol" secure="true" scheme="https" SSLEnabled="true" SSLCertificateFile="/path...

I'm trying to figure out what iOS' policy is when verifying certificates using Security.Framework regarding revocation of certificates. I cannot find information about this in the docs for iOS. In ...

How do I manually check for certificate revocation status in java using OCSP, given just a client's java.security.cert.X509Certificate? I can't see a clear way to do it. Alternatively, can I make ...

As far as I know, OCSP only provides explicit means for requests and responses to be signed ([RFC2560, page 7] for requests, and [RFC2560, page 8] for responses), but it does not make any mention a...

As far as I know and as it is mentioned here there are two main technologies for browsers to check the revocation status of a particular certificate: using the Online Certificate Status Protocol (O...

I've been trying to check X.509 certificates revocation status in iOS 7.0 using both OCSP and CRL in different moments and the evaluation returns kSecTrustResultUnspecified (that means the certific...

I created an OCSP client using Bouncy castle API. I am having a trouble in finding the Certificate Status (Saying whether its revoked or not) from the OCSP response I get. The value returned from r...

When you request for an OCSP server to check the revocation status of a cert, does it automatically check the revocation status of the entire chain? i.e: if it says the cert is "good", then does t...

Could someone please help me on the following? RFC2560 defines when an OCSP responder certificate (sigining the response) could be accepted: 1. Matches a local configuration of OCSP signing auth...