I am testing the Certificate Revocation functionality of a CMTS device. This requires me to setup a OCSP responder. Since it will only be used for testing I assume that the minimal implementation provided by OpenSSL should suffice.
I have extracted the a certificate from a cable modem, copied it to my PC and converted it to the PEM format. Now I want to register it in the OpenSSL OCSP database and start a server.
I have completed all these steps, but when I do a client request my server invariably responds with “unknown”. It seems to be completely unaware of my certificate’s existence.
I would greatly appreciate if anyone would be willing to have a look at my code. For your convenience, I have created a single script consisting of a sequential list of all used commands, from setting up the CA until starting the server:
You can also find the custom config file and the certificate that I am testing with:
Any help would be greatly appreciated.