000023857 - OCSP client rejects OCSP Signer certificate used in RSA Validation Manager

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000023857
Applies ToRSA Certificate Manager 6.7
RSA Validation Manager 3.0
IssueOCSP client rejects OCSP Signer certificate used in RSA Validation Manager
How to generate OCSP Signer certificate from RSA Certificate Manager
ResolutionUsing the certificate request that was generated from RSA Validation Manager when creating the OCSP Signer certificate, submit it as a PKCS#10 request to the Enrollment Server of Certificate Manager.
Log in to RSA Certificate Manager as administrator, go to Certificate Operations -> View Request Active -> List All.
Find the certificate request and click on it to view the request.
Before issuing the certificate, from the Profile drop down list, select "Custom End-Entity", select all items in the PKCS10 Extension column, and deselect all items from the Available Extension column (use Ctrl-Click to deselect).

Once approved, import the certificate in RSA Validation Manager.
Legacy Article IDa35727

Attachments

    Outcomes