How to use a public CA on the Client Cert profile and OCSP validation of a non-public end user certificate
I am using a non-public CA to validate the end user certificate by OCSP.
When I have the certificate on the Client SSL profile released by the same non-public CA that I am using for the end user certificate by OCSP, all works well. However, when I use a certificate released by the valid CA GeoTrust on the SSL Client profile, I get OCSP AUTH RESULT "2" Failure.
LOGS:
Oct 22 17:01:37 local/tmm info tmm[5263]: Rule auth_ssl_ocsp6 : Client Address: 170.61.198.68
Oct 22 17:01:37 local/tmm info tmm[5263]: 01260013:6: SSL Handshake failed for TCP from 170.61.198.68:22746 to 170.61.199.134:443
Oct 22 17:01:39 local/tmm info tmm[5263]: Rule auth_ssl_ocsp6 : Client Address: 170.61.198.68
Oct 22 17:01:39 local/tmm info tmm[5263]: Rule auth_ssl_ocsp6 : Client IP: 170.61.198.68
Oct 22 17:01:39 local/tmm info tmm[5263]: Rule auth_ssl_ocsp6 : AUTH_FAILURE
Oct 22 17:01:39 local/tmm info tmm[5263]: Rule auth_ssl_ocsp6 : OCSP servers say the certificate was revoked
Oct 22 17:01:39 local/tmm info tmm[5263]: Rule auth_ssl_ocsp6 : Client IP 170.61.198.68 connected with the Client Certificate: emailAddress=ANDERSON.CASTRO@BNYMELLON.COM.BR,CN=ANDERSON OLIVEIRA CASTRO\ ,OU=IT,O=BNY MELLON,L=RIO DE JANEIRO,ST=RJ,C=BR, requesting: GET/gestores2.bnymellon.com.br/, browser: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0), Referer: 0, HTTP version 1.1, Persitance Cookie: 0, SSL: RC4-SHA/TLSv1/128
Oct 22 17:01:39 local/tmm info tmm[5263]: Rule auth_ssl_ocsp6 : Certificate Information, Trusted Certificate Validation: unable to verify the first certificate, OCSP Revocation Statue: failure
Oct 22 17:01:39 local/tmm info tmm[5263]: Rule auth_ssl_ocsp6 : Invalid certificate was redirected