- First Post
- Replies
- Stats
-
Go to
- ----- 2025 -----
- January
- ----- 2024 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2023 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2022 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2021 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2020 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2019 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2018 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2017 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2016 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2015 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2014 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2013 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2012 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2011 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2010 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2009 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
- February
- January
- ----- 2008 -----
- December
- November
- October
- September
- August
- July
- June
- May
- April
- March
Hello,
Is it possible to have the ocsp subsystem log the status part (good, unkown etc.) of the
replies it sents out? I've got it configured correctly and the responses it gives are
as expected. However in transaction.log I can see that it replies, but not the status of
the reply (and the certificate it replies to), and with debug logging turned on I have a
multi-line ocsp response in a log file, and I don't feel like parsing that.
Is there a (preferably simple) way to let the ocsp responder log the certificate, the
status of that certificate and the requesting entity (for example by IP) in a plain-text
format?
--
Remy van Elst
https://raymii.org - https://sparklingnetwork.nl
Attachments:
- attachment.html (text/html — 1.5 KB)
On 08/07/2013 08:41 PM, Remy van Elst wrote:
Hello,
Is it possible to have the ocsp subsystem log the status part (good,
unkown etc.) of the replies it sents out? I've got it configured
correctly and the responses it gives are as expected. However in
transaction.log I can see that it replies, but not the status of the
reply (and the certificate it replies to), and with debug logging
turned on I have a multi-line ocsp response in a log file, and I don't
feel like parsing that.
Is there a (preferably simple) way to let the ocsp responder log the
certificate, the status of that certificate and the requesting entity
(for example by IP) in a plain-text format?
If you are processing logs, the best
log to process would have been the
logs under <instance>/logs/signedAudit, where each log message is
formulated systematically. However, since there is no requirement in
Common Criteria to log the result of the OCSP responses, there is no
such log messages existing. It can be potentially added however, in the
code, so that they can be added by the administrator in the configuration.
If this is something that you are very interested in, I encourage you to
file a feature request with some plausible reason on Dogtag so that it
can be reviewed and considered for future release.
Christina
--
Remy van Elst
https://raymii.org - https://sparklingnetwork.nl
_______________________________________________
Pki-users mailing list
Pki-users(a)redhat.com
https://www.redhat.com/mailman/listinfo/pki-users
4160
days inactive
4165
days old
1 comments
2 participants
tags (0)
participants (2)
-
Christina Fu -
Remy van Elst