-
Notifications
You must be signed in to change notification settings - Fork 137
OCSP Manager
Endi S. Dewata edited this page Jan 15, 2021
·
4 revisions
The Certificate System CA supports the Online Certificate Status Protocol as defined in Public-Key Infrastructure (X.509) (PKIX) standard RFC 2560. The OCSP protocol enables OCSP-compliant applications to determine the state of a certificate, including the revocation status, without having to directly check a CRL published by a CA to the validation authority. The validation authority, which is also called an OCSP responder, checks for the application.
The Online Certificate Status Protocol (OCSP) subsystem is the component that provides OCSP responder services, which means it stored CRLs for CAs and can distribute the load for verifying certificate status.
The OCSP subsystem is implemented in Java and it runs on top of Tomcat.
|
Tip
|
To find a page in the Wiki, enter the keywords in search field, press Enter, then click Wikis. |