This post has NOT been accepted by the mailing list yet.
My name is Juan Sebastian Cardenas, I'm a Systems engineer from Colombia
I am implementing an internal PKI for the organization where I work using openssl
The idea is to generate certificates and digital signatures to members of the organization so that they can sign documents of the office suite and eliminate the use of paper
I have success in creating the keys and certificates from a ca root and an intermediary, I am using the intermediary to sign certificates of users and the server OCSP
When creating user certificates I am defining the URI of OCSP server so that it can verify the validity of the certificate
And finally I am exporting user certificates to a pkcs12 format (.p12) to install the certificate and key user on the user's computer
After installing the pkcs12 key on user’s computer, I can use the programs of the office suite (word, excel, power point, etc..) to sign documents using the installed digital signature, however, only makes the connection to the OCSP server once and then no longer allow any verification or validation.
In reviewing the response from the OCSP server:
Reply Error: malformedRequest (1)
And then in the Office program, I can´t use the digital signature to sign documents anymore, and present the message the selected certificate can not be verified. Check the network connection (as had already been able to connect the first time)
Ask them please guide me regarding this specific error check with the OCSP server response.