Feb 15, 2012

OCSP error handling

I've noticed that AUTH::response_data can return far more values than the wiki page claims. My F5 version is BIG-IP 10.2.0 Build 1707.0 Final.



According to the wiki, OCSP returns one of the following:

"Error (Could not connect to server)"

"Error (Unknown client certificate)"



However, so far I have run into a couple more:

Error (OCSP responder)

Error (Could not connect to server)

Error (Initialization error)



The last one is particularly puzzling, as so far I have no clue what's gone wrong.



My questions:

1. What does the "Initialization error" mean? And how do I fix it?

2. It seems AUTH::status now always returns 1 for whatever unhappy scenario. I remember in the 9.x days I used to see -1 for an error, and 1 for a genuinely revoked cert. Please confirm whether the behaviour has been changed, and if so, since when?

3. Is there a thorough list of response data for OCSP?


  • If you don't get an answer here, you could open a case with F5 Support to ask. You can ask them to reference BZ210706. If you do, can you reply with the case number and/or the reply you get?