033530B4 OCSP response signature algorithm not in signature algorithm pairs list.

Explanation

The OCSP response was signed with an algorithm that was not specified in the OCSP response signature algorithm pairs list.

User response

Verify that the signature algorithms included in the response signature algorithm pairs list (the ocspResponseSigAlgPairs parameter within the gskdb_ocsp_source structure) are supported by the OCSP responder and are valid for the certificate being validated. For example, the OCSP responder may ignore a signature algorithm of SHA-224 with RSA encryption if the certificate being validated is an ECDSA certificate. Ensure that the OCSP responder supports the OCSP preferred signature algorithms extension. The OCSP response signature algorithm pairs list may need to be updated to include the algorithm that the OCSP responder is using to sign the OCSP response. See Table 6 for a list of valid 4-character signature algorithm pair definitions. If the error persists, collect a System SSL trace containing the error and then contact your service representative.