Monday, December 24, 2012

test your timestamp server with openssl

Generate the timestamp query:
openssl ts -query -data <filename> -out tsareq.tsr
You may optionally set the policy adding the -policy object_id parameter.
View the generated request in human readable form:
openss ts -query -in tsareq.tsr -text
Send the request to the timestamp server and store the timestamp response:
./tsget -h <timestamp server url> -o tsarep.tsr tsareq.tsr

View the reply in human readable form:

openssl ts -reply -in tsarep.tsr -text

You may find that tsget is stored in /usr/share/ssl/misc.
Alternatively, you may also send the timestamp request manually, and have finer control over the protocol and transport headers. One way would be using the almighty curl:
curl -X POST <timestamp server url> -H "Content-Type: application/timestamp-query" -H "Content-Length: <tsareq.tsr length>" --data-binary @tsareq.tsr -v -o tsarep.tsr