OCSP Test Server

Source: Internet  Published by: 知世故而不世故历圆滑  Editor: 程序博客网  Time: 2024/06/05 18:55
I needed an OCSP test server and found one today; a brief introduction follows:
For details, see: http://www.openvalidation.org/useocspservicenew.htm


How to test client applications with OpenValidation.org

Developers can use the OpenValidation.org Responder Service to test the functionality of their OCSP-enabled client applications. OpenValidation.org provides certificates with known status and several virtual hosts to enable developers to test their OCSP clients extensively with a professional OCSP Responder.

To test an OCSP client application it is necessary to download the OpenValidation RootCA certificate, OCSP Responder certificate and test certificates (with known status).

Configure your client application to send certificate status requests to the OpenValidation.org OCSP Responder (http://ocsp.openvalidation.org). We provide several virtual hosts with different OCSP Responder configurations to allow testing with the full range of possible responses.

Virtual Hosts at http://ocsp.openvalidation.org:

Port 80: Standard configuration. OCSP Responder will accept all proper requests and send a signed response.
Port 8080: Response does not contain any attached certificates. Client must accept this response.
Port 8081: Never replies nonce. Insecure but standard conform mode. Client application should warn in case of replay-attacks.
Port 8082: The OCSP Responder will sign the response with randomized bytecode. Client should NOT accept this response.
Port 8083: OCSP response will always be revoked.
Port 8084: OCSP response will always be unknown.
Port 8085: OCSP response will always be malformed.
Port 8086: OCSP response will always be internal error.
Port 8087: OCSP response will always be try later.
Port 8088: OCSP response will always be signature required.
Port 8089: OCSP response will always be unauth.
Port 8090: Standard configuration with full Debuglogs. Debuglogs are visible at http://www.openvalidation.org/debug.php
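
On ports 8085 to 8089 the responder reports an error in the outer responseStatus field and sends no signed data, so a client must never treat such a reply as "good". The following is an added example, not code from OpenValidation.org or the original post: it parses that field from the DER bytes and fails closed. It assumes those ports return the RFC 6960 status codes matching their descriptions; the sample bytes and the names read_tlv and classify are constructed for illustration.

```python
# OCSPResponseStatus values from RFC 6960, section 4.2.1 (4 is not used).
STATUS = {0: "successful", 1: "malformedRequest", 2: "internalError",
          3: "tryLater", 5: "sigRequired", 6: "unauthorized"}

def read_tlv(buf, pos):
    """Read one DER TLV at pos; return (tag, value_bytes, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("bad length encoding")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length

def classify(der):
    """Return (status_name, action) for a DER OCSPResponse.

    action is 'verify' only when the client may go on to check the
    signature and certStatus; every other outcome is 'reject'."""
    try:
        tag, body, end = read_tlv(der, 0)
        if tag != 0x30 or end != len(der):
            raise ValueError("not a single SEQUENCE")
        tag, val, pos = read_tlv(body, 0)
        if tag != 0x0A or len(val) != 1:
            raise ValueError("responseStatus is not a one-byte ENUMERATED")
    except ValueError as exc:
        return ("unparseable: %s" % exc, "reject")
    name = STATUS.get(val[0])
    if name is None:
        return ("undefined status %d" % val[0], "reject")
    has_bytes = pos < len(body) and body[pos] == 0xA0
    if name == "successful":
        # Success without responseBytes carries no signed data to check.
        return (name, "verify" if has_bytes else "reject")
    return (name, "reject")

# Constructed samples: the unsigned error responses a client would see
# from ports 8085-8089, plus a stub "successful" envelope (dummy payload).
SAMPLES = {p: bytes([0x30, 0x03, 0x0A, 0x01, s])
           for p, s in [(8085, 1), (8086, 2), (8087, 3), (8088, 5), (8089, 6)]}
STUB_OK = bytes([0x30, 0x07, 0x0A, 0x01, 0x00, 0xA0, 0x02, 0x30, 0x00])
```

A "verify" result only means the envelope is well formed; the signature check that port 8082 is designed to exercise and the certStatus check still have to follow.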

Here you can find detailed information about processing certificate status requests with openssl.

E.g. an openssl status request and the answer with a valid test certificate could look like this:

C:/WINNT/System32/cmd.exe


C:/>openssl ocsp -host ocsp.openvalidation.org:80 -issuer RootCAcert.pem -VAfile OCSPServer.pem -cert User.pem

Response verify OK
User.pem: good
This Update: Aug 17 10:12:03 2001 GMT
Next Update: Aug 16 10:12:03 2006 GMT

 

Or e.g. an openssl status request and the answer with known serial number of a revoked test certificate could look like this:

C:/WINNT/System32/cmd.exe


C:/>openssl ocsp -host ocsp.openvalidation.org:8090 -issuer RootCAcert.pem -VAfile OCSPServer.pem -serial 03

Response verify OK
03: revoked
This Update: Aug 17 10:12:03 2001 GMT
Next Update: Aug 16 10:12:03 2006 GMT
Revocation Time: Aug 17 10:10:39 2001 GMT

 

These openssl requests will only work with the newest release of openssl.
