Closed diidiiman closed 3 years ago
I managed to replicate this also on project that is not inside AWS Lambda container using Spring Boot with zero configuration for test environment. Maybe someone knows of other reasons besides the ones described here https://github.com/open-eid/digidoc4j/wiki/Questions-&-Answers#if-ocsp-request-has-failed why it might fail?
Just for someone who might stumble upon this - I had setTrustedTerritories set in configuration which does not work with TEST environment... https://github.com/open-eid/digidoc4j/issues/80
Hello!
Maybe somebody can provide a helping hand?
Have configured PROD and TEST environments, both running on AWS Lambdas. The production environment functions properly and allows signing the documents with no issues (had only to gerenate new SSL truststore for LV) and appropriate configuration in
digidoc4j.yaml
:For TEST environment however empty
digidoc4j-test.yaml
throws error about LOTL. That got addressed by specifying SSL keystore, which got generated for "https://open-eid.github.io/test-TL/tl-mp-test-EE.xml" LOTL error went away, but now the strange OCSP error appeared:ERROR org.digidoc4j.impl.asic.AsicSignatureFinalizer - Signature does not contain OCSP response
Followed the instructions here: https://github.com/open-eid/digidoc4j/wiki/Questions-&-Answers#if-ocsp-request-has-failed
It is TEST configuration, It is DEMO certificate from SmartID, version of library is 4.0.3
Part which was not clear in terms of necessity is this one:
digidoc4j.yaml can also be configured with the following parameters: DIGIDOC_PKCS12_CONTAINER, DIGIDOC_PKCS12_PASSWD and SIGN_OCSP_REQUESTS.
Question which I would appreciate some guidance with, is there any other reason why OCSP would fail on TEST mode if no overrides are provided and DEMO smartID is used?
Whole request output below: