I'm implementing an OCSP server to answer OCSP requests for my custom CA.
I already implemented the revocation of leaf certificates, with the intermediate CA certificate signing the OCSP response, and it seems to be working.
However, I have trouble implementing the OCSP response to revoke an intermediate certificate. I believe it is a bad idea to use the root certificate to sign the OCSP response, therefore I was looking at the OCSP delegation of authority defined in RFC 6960. I have generated, using my root certificate, a certificate which I believe to be able to sign OCSP responses for OCSP requests about the other intermediate certificates:
    Data:
        Version: 3 (0x2)
        ... //redacted
        X509v3 extensions:
            X509v3 Key Usage: critical
                CRL Sign
            X509v3 Basic Constraints: critical
                CA:FALSE
            OCSP No Check: critical
            X509v3 Extended Key Usage:
                OCSP Signing

Let's call this certificate X.
However, when I challenge my OCSP server with a request, openssl gives me the following answer:

    $ openssl ocsp -issuer /tmp/ca-root -cert /tmp/inter -text -url http://127.0.0.1:5000/1/ocsp-inter/
    ...
    Response Verify Failure
    139690508489984:error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found:crypto/ocsp/ocsp_vfy.c:40:
    139690508489984:error:27069076:OCSP routines:OCSP_basic_verify:signer certificate not found:crypto/ocsp/ocsp_vfy.c:40:
    /tmp/inter: ERROR: No Status found.
What am I missing?
If I select the certificate X for the -issuer switch of OpenSSL it works, but it feels wrong.
I also had a look at the AIA extensions, and I'm unsure if the CA_ISSUER field should point to the root CA or to my certificate X.
Thanks in advance for helping me understand this.
- Unfortunately that error is pretty common. Could be multiple things but the most likely is a problem with the responder. Can you test the responder using known good certificates? (HackSlash, commented Dec 27, 2019 at 0:15)
- The certificate I used in this example is indeed a known good :( That's the main issue, I don't know if the fact that I have to indicate that the issuer is not the real issuer but the certificate that will be used to sign the OCSP response in order to get a "Response Verify Success" is wrong or not. I believe it is wrong, it feels wrong, but I can't put the pin on what's the good way of doing this. (zarak, commented Dec 28, 2019 at 0:57)
1 Answer
I happened to have some experience in implementing an OCSP responder.
You might see "signer certificate not found" error if you didn't add the OCSP signing certificate, X, into the BasicOCSPResponse.
    BasicOCSPResponse ::= SEQUENCE {
        tbsResponseData      ResponseData,
        signatureAlgorithm   AlgorithmIdentifier,
        signature            BIT STRING,
        certs            [0] EXPLICIT SEQUENCE OF Certificate OPTIONAL }
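As an added, self-contained example (not the answerer's code and not the asker's responder), the following POSIX shell script reproduces the failure and the fix with nothing but the openssl CLI. It builds a throwaway PKI: a root, an intermediate, and a delegated OCSP signer X issued directly by the root with extendedKeyUsage OCSPSigning and keyUsage digitalSignature (the key usage RFC 5280 assigns to signing OCSP responses; the X shown in the question only carries CRL Sign). It then answers a request about the intermediate twice, once with -resp_no_certs so the BasicOCSPResponse carries no certs at all, and once with the default that embeds X in certs, and verifies both exactly as the question does, with the root as -issuer and as the trust anchor. All subject names, serial numbers and file names are constructed for the demo.

```shell
#!/bin/sh
# Added example: throwaway PKI plus a one-shot OCSP responder, built with the
# openssl CLI, to show why "signer certificate not found" appears and what
# fixes it. Every name, serial and file name here is constructed for the demo.
WORK=$(mktemp -d)
cd "$WORK" || exit 1

setup_pki() {
    # Extension profiles: root CA, intermediate CA, and the delegated OCSP
    # responder X issued by the root (RFC 6960 section 4.2.2.2).
    cat > ca.cnf <<'EOF'
[ req ]
distinguished_name = dn
default_md = sha256
prompt = no
[ dn ]
CN = placeholder
[ v3_root ]
basicConstraints = critical, CA:TRUE
keyUsage = critical, keyCertSign, cRLSign
subjectKeyIdentifier = hash
[ v3_inter ]
basicConstraints = critical, CA:TRUE, pathlen:0
keyUsage = critical, keyCertSign, cRLSign
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid
[ v3_ocsp ]
basicConstraints = critical, CA:FALSE
keyUsage = critical, digitalSignature
extendedKeyUsage = critical, OCSPSigning
noCheck = ignored
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid
EOF
    EC="ec -pkeyopt ec_paramgen_curve:prime256v1"
    # Self-signed root.
    openssl req -x509 -newkey $EC -nodes -keyout root.key -out root.pem \
        -subj "/CN=Demo Root CA" -days 365 -config ca.cnf -extensions v3_root
    # Intermediate CA (serial 0x1001) issued by the root.
    openssl req -new -newkey $EC -nodes -keyout inter.key -out inter.csr \
        -subj "/CN=Demo Intermediate CA" -config ca.cnf
    openssl x509 -req -in inter.csr -CA root.pem -CAkey root.key -set_serial 0x1001 \
        -days 365 -extfile ca.cnf -extensions v3_inter -out inter.pem 2>/dev/null
    # Delegated OCSP signer X (serial 0x1002), also issued by the root.
    openssl req -new -newkey $EC -nodes -keyout ocsp.key -out ocsp.csr \
        -subj "/CN=Demo OCSP Responder" -config ca.cnf
    openssl x509 -req -in ocsp.csr -CA root.pem -CAkey root.key -set_serial 0x1002 \
        -days 365 -extfile ca.cnf -extensions v3_ocsp -out ocsp.pem 2>/dev/null
    # openssl-ca style index: the intermediate (hex serial 1001) is valid ("V").
    printf 'V\t350101000000Z\t\t1001\tunknown\t/CN=Demo Intermediate CA\n' > index.txt
}

# Answer an OCSP request about the intermediate, signing as X.
# $1 = output file; $2 = optional extra responder flag (e.g. -resp_no_certs).
make_response() {
    openssl ocsp -index index.txt -CA root.pem -rsigner ocsp.pem -rkey ocsp.key \
        -issuer root.pem -cert inter.pem -no_nonce -respout "$1" $2 >/dev/null 2>&1
}

# Verify like the client in the question: -issuer is the real issuer (the root)
# and -CAfile the trust anchor. Prints openssl's output; returns 0 only when
# OpenSSL reports "Response verify OK".
verify_response() {
    out=$(openssl ocsp -issuer root.pem -cert inter.pem -CAfile root.pem \
          -no_nonce -respin "$1" 2>&1) || true
    printf '%s\n' "$out"
    case "$out" in
        *"Response verify OK"*) return 0 ;;
        *) return 1 ;;
    esac
}

setup_pki
make_response resp-no-signer.der -resp_no_certs
echo "== response without X in certs (fails like the question) =="
verify_response resp-no-signer.der || true
make_response resp-with-signer.der
echo "== response carrying X in certs (verifies) =="
verify_response resp-with-signer.der
```

The client's command line is identical in both runs; only the responder's output changes, which is the point of the answer: the client locates the signer by the responderID and, finding no such certificate in certs and none among its own trusted certificates, gives up before it ever checks X's chain or its OCSPSigning extended key usage. A caveat on the -issuer workaround from the question: when normal verification fails, OpenSSL's ocsp client retries with the -issuer certificates treated as trusted responder certificates (OCSP_TRUSTOTHER), which skips building and checking the signer's chain. Naming X as the issuer therefore makes the error disappear without validating X at all, so the real issuer should stay in -issuer and X should travel inside the response.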