ocsp doesn't work on the client side - "OCSP response signature invalid"
by Ricardo Alexander Perez Ricardez
Error: "OCSP response signature invalid"
On the server side I have configured an instance of pki working properly, I have two subsystems a CA, and OCSP.
On the client side I have a valid certificate that I use to sign a PDF document
In Adobe Reader or Adobe Acrobat I perform the following steps:
1. Signing a PDF document
2. Validate Signature
3. I receive the message: "The validity of the signature is unknown"
4. Click on: Check the properties of signature
5. Click on: Show signer certificate
6. Click: Revocation tab
The following message is displayed:
We attempted to determine whether the certificate is valid by performing a revocation check using the protocol online certificate status (OCSP Online Certificate Status Protocol).
The OCSP response was signed by "OCSP Signing CA Certificate" on 2016/09/15 14:53:06 -05'00 '.
Click Details signer for more information on the source of the revocation information.
Click trouble seeing the problems encountered when performing this check revocation.
6. Click on: Problems Found
7. I get the message: "OCSP response signature invalid"