OCSP responder doesn't work properly when OCSP request contains certid with SHA256 hashed data
When OCSP responder must satisfy an OCSP request where the certid values IssuerKeyHash and IssuerNameHash are hashed with an hash algorithm different from SHA-1,
for example SHA-256, the OCSP Servlet is unable to find the certificate of the corresponding CA.
The error is not present when is used the SHA-1 hash algorithm.
The error is given by the following line of code in the source OCSPServletBase.java:
cacert = this.data.m_caCertCache.findByOcspHash(certId);
because the internal hash table of the current managed CA's by the product has an identifier contsructed with SHA-1 values.
See RFC6960, http://tools.ietf.org/html/rfc6960