OcspReadResponse Method

Read a response to an Online Certification Status Protocol (OCSP) request and outputs the main results in text form.

Namespace: CryptoSysPKI
Assembly: diCrSysPKINet (in diCrSysPKINet.dll) Version: 23.0.0.30549 (23.1.0.0)

Syntax

public static string ReadResponse(
	string responseFile,
	string issuerCert
)

Public Shared Function ReadResponse ( 
	responseFile As String,
	issuerCert As String
) As String

Parameters

responseFile String: name of the file containing the response data in BER format.
issuerCert String: (optional) name of issuer's X.509 certificate file (or base64 representation)

Return Value

String
A text string outlining the main results in the response data or an empty string on error.

Remarks

Note that a revoked certificate will still result in a "Successful response", so check the CertStatus. The issuer's X.509 certficate issuerCert is optional. If provided, it will be used to check the signature on the OCSP reponse and and an error will result if the signature is not valid. CAUTION: For some CAs (e.g. VeriSign) the key used to sign the OCSP response is not the same as the key in the issuer's certificate, so specifying the issuer's certificate in this case will result in a signature error. If you can separately obtain the certificate used to sign the OCSP response, then specify this as the issuerCert; otherwise leave as the empty string "".

Reference

Ocsp Class

CryptoSysPKI Namespace