Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1039
Views
0
Helpful
1
Replies

OCSP request signature required. ASA 5540 8.2(4)

diegobalboa
Level 1
Level 1

‎01-15-2013 04:56 AM

Hi,

I need to check client´s certificate revocation status and I am using OCSP. I have an ASA 5540 with 8.2(4) software and ASDM 6.4.9.

I have the next log message from OCSP responder:

"OCSP status check failed. Reason: OCSP response status - request signature required."

OCSP server admin says that I have to sign OCSP requests with a certificate, which i have installed in my  ASA device. If request is signed, OCSP responder will give a response about the revocation status of the certificate, and this response will be signed by this server too. I have installed into ASA the OCSP´s responder certificate to validate de response from server.

I need to know if i can sign OCSP request using my client certificate, and if it is possible, how I can configure the ASA to sign it.

Thanks a lot for help :-)

Labels:
0 Helpful
1 Reply 1

Marcin Latosiewicz
Cisco Employee
Cisco Employee

‎01-15-2013 01:43 PM

Diego,

There is an enhancement request open on our side:

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsx67202

i.e. currently no-go. Check with your account manager or SE.

M.

0 Helpful
Customers Also Viewed These Support Documents