EldoS | Feel safer!

Software components for data protection, secure storage and transfer

79877 - SB_OCSP_ERROR_NO_PARAMETERS for ocsp processRequest

Posted: 11/18/2008 18:42:04
by Chris Frattinger (Basic support level)
Joined: 11/12/2008
Posts: 7


I followed the how to for creating ocsp client requests and I get back this error for ProcessRequest(). I could not find any more details about this error. What parameters would it be referencing in the error? I populated the certificate to check (.certStorage), the issuing certificates (.IssuerCertStorage), the httpclient, and URL. The signing certificate was the only property not specified, but that didn't seem to be a requirement unless the ocsp responder indicated it. Some feedback about this error would be helpful. I'm in the process of evaluating the tool for ocsp implementation.

Posted: 11/19/2008 01:56:42
by Ken Ivanov (Team)

Thank you for your interest in our products.

First of all, would you be so kind to specify the exact class you are using? OCSP client classes do not contain the ProcessRequest() method; can it be that you are accidentally using a server-side class?
Posted: 11/19/2008 10:07:22
by Chris Frattinger (Basic support level)
Joined: 11/12/2008
Posts: 7

I'm sorry, I meant to say PerformRequest() of the TElHTTPOCSPClient. I'm using the correct class. I just miss-stated the method in the thread. Thanks.
Posted: 11/19/2008 10:19:03
by Ken Ivanov (Team)

Besides other cases, this error can be returned if URL or HTTPClient properties of the TElHTTPOCSPClient object are not set. Please check this first of all.
Posted: 11/19/2008 10:29:28
by Eugene Mayevski (Team)

Actually there are no other cases (in other cases other error codes are returned) so this is the only place where this error code can be returned. That's why I thought that maybe OP was asking about the server...

Sincerely yours
Eugene Mayevski
Posted: 11/19/2008 21:02:54
by Chris Frattinger (Basic support level)
Joined: 11/12/2008
Posts: 7

Well, I know the httpclient and URL was set but it was also set as non-SSL. That's how it was reported in the certificate's extension. Since the CA server was not actually running the OCSP responder this may just be an error on the CA side with a bad OCSP address, as you may be expecting the URL to always use a secure address. Is it that the URL did not indicate SSL when the http client used is an https client or are there other properties of the http client that I'm not setting?
Posted: 11/20/2008 08:41:21
by Ken Ivanov (Team)

OCSP responders can run as both secure (HTTPS) and non-secure (HTTP) web servers. The exact type of the server is detected by TElHTTPSClient by the protocol prefix ("https" or "http"). TElHTTPSClient can handle both HTTPS and HTTP requests.

Is the responder public? If yes, we could try to connect to it and check if it is a correct OCSP responder.
Posted: 11/21/2008 15:11:26
by Chris Frattinger (Basic support level)
Joined: 11/12/2008
Posts: 7

No, unfortunately it is not public. I'll play around some more.
Posted: 12/12/2008 17:27:02
by Chris Frattinger (Basic support level)
Joined: 11/12/2008
Posts: 7

Okay, sorry for taking so long to come back to this.
The SBHTTPSClient.TElHTTPSClient does not have a URL property exposed. The SBHTTPOCSPClient.TElHTTPOCSPClient contains a HTTPClient and URL property. Both are set but there's little information about what requires setting for the TElHTTPSClient that is set to the TElHTTPOCSPClient.HTTPClient property.

Posted: 12/13/2008 01:53:25
by Ken Ivanov (Team)

Please handle the following events of TElHTTPSClient object and check if they are fired:
* OnDocumentBegin,
* OnDocumentEnd,
* OnReceivingHeaders,
* OnPreparedHeaders,
* OnData.

If OnData, OnPreparedHeaders and OnReceivingHeaders are, please send us the contents of their parameters (the value of Headers.Text property for On*Headers events and the contents of the buffer passed to OnData event). Please use Helpdesk to post this information.



Topic viewed 4671 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS business operates as a division of /n software, inc. For more information, please read the announcement.

Got it!