EldoS | Feel safer!

Software components for data protection, secure storage and transfer


Also by EldoS: CallbackDisk
Create virtual disks backed by memory or custom location, expose disk images as disks and more.
Posted: 08/15/2013 05:45:01
by ingbabic  (Standard support level)
Joined: 09/27/2011
Posts: 114

I have written application for digital signing where I wanted to write in signature OCSP infomation. Although I have called:


no OCSP information was written in signature. Then I have implemented OnBeforeOCSPClientUse event and noticed that OCSPClient was null. Then I wrote following:
void CertValidator_OnBeforeOCSPClientUse(object Sender, TElX509Certificate Certificate, TElX509Certificate CACertificate, string OCSPLocation, ref SBOCSPClient.TElOCSPClient OCSPClient)
    if (OCSPClient == null)
        OCSPClient = new TElHTTPOCSPClient();
        ((TElHTTPOCSPClient)OCSPClient).HTTPClient = new TElHTTPSClient();

and OCSP information was correctly written in signature. Now the questions :).
Why OCSPClient was null? Do I have to do something in addition except registering OCSPClientFactory? I have seen that in your sample HTTPSGet (inside HTTPBlackBox) OCSPClient was not null. Is it sufficient this what I have wrote in event handler, or I have to do something else? Although my code is working I want to know if there are some problems that might arise sometimes?

Posted: 08/15/2013 10:26:46
by Ken Ivanov (EldoS Corp.)


Thank you for contacting us.

The validator identifies the type of OCSP client object to create by the certificate's OCSP responder location. TElHTTPOCSPClient supports locations that begin with 'http://' and 'https://'. Apparently, the location of your OCSP service stated in the certificate begins with different substring. Could you please check the value of the OCSPLocation parameter passed to the OnBeforeOCSPClientUse event?
Posted: 08/16/2013 03:21:19
by ingbabic  (Standard support level)
Joined: 09/27/2011
Posts: 114

OCSPLocation is
Posted: 08/16/2013 03:29:48
by Eugene Mayevski (EldoS Corp.)

That is strange. Can you please craft a small test case (or modify our sample application) and post it to HelpDesk? I am sure that the problem is specific to the code, so creating a test case will expose its source.

Sincerely yours
Eugene Mayevski



Topic viewed 612 times

Number of guests: 1, registered members: 0, in total hidden: 0


Back to top

As of July 15, 2016 EldoS Corporation will operate as a division of /n software inc. For more information, please read the announcement.

Got it!