I set up a root and intermediate CAs with OpenSSL and started issuing server certificates. For MS RDP (RemoteApp) it required OCSP, so I also set up an OCSP responder with OpenSSL. Testing with openssl ocsp command worked fine, but using MS RDP or even a webserver (IIS) with that issued certificate being accessed by Firefox complained the CA could not be contacted.
I posted everything here, but after a while I realized OpenSSL OCSP manual says this:
The OCSP server is only useful for test and demonstration purposes: it is not really usable as a full OCSP responder. It contains only a very simple HTTP request handling and can only handle the POST form of OCSP queries.
So, I´m guessing I should not use OpenSSL for an OCSP responder? What is the best way to set up one then, preferably using open software and CentOS?
