Closed gezhouyu closed 5 years ago
Hello, I have encountered the following problems when using openssl:
When I use the OpenSSL cmp to simulate a client to apply for a certificate, this error is reported. What should I do? When you use the OpenSSL cmp to simulate a client to apply for a certificate, what files need to be configured? CMP INFO: using OpenSSL configuration file '/opt/openssl/../openssl-1.1.0j/openssl.cnf' CMP INFO: no [cmp] section found in config file '/opt/openssl/../openssl-1.1.0j/openssl.cnf'; will thus use just [default] and unnamed section if present CMP INFO: sending ir 140327457654592:error:27076072:OCSP routines:parse_http_line1:server response error:crypto/ocsp/ocsp_ht.c:260:Code=404 140327457654592:error:390B1091:CMP routines:OSSL_CMP_MSG_http_perform:failed to receive pkimessage:crypto/cmp/cmp_http.c:516: 140327457654592:error:390A1098:CMP routines:OSSL_CMP_exec_IR_ses:ip not received:crypto/cmp/cmp_ses.c:199:
Your CMP server returned an HTTP 404 code. That means that you either configured the wrong server parameters (host, port, path) in the client or you misconfigured the server.
I recommend that you use Wireshark to see where you actually send the CMP/HTTP request to, and then verify that it is the same you configured.
The client has an extensive --help section, and you will find a man page either installed (depending how you built/installed) or in a file called cmp.pod in the source code.
How to set Content-Type when the cmp client sends a request whose Content-Type is application/pkixcmp in HttpRequester?