I need to check client´s certificate revocation status and I am using OCSP. I have an ASA 5540 with 8.2(4) software and ASDM 6.4.9.
I have the next log message from OCSP responder:
"OCSP status check failed. Reason: OCSP response status - request signature required."
OCSP server admin says that I have to sign OCSP requests with a certificate, which i have installed in my ASA device. If request is signed, OCSP responder will give a response about the revocation status of the certificate, and this response will be signed by this server too. I have installed into ASA the OCSP´s responder certificate to validate de response from server.
I need to know if i can sign OCSP request using my client certificate, and if it is possible, how I can configure the ASA to sign it.
Thanks a lot for help :-)