Preparing Certificate Authorities: Implementing OCSP responder - Part 2

This post look towards implementing the OCSP Responder. However, before we move forward with the Install of the OCSP Responder we must first configure the CA to support OCSP for revocation status checking. The OCSP Responder provides revocation information to clients or application requesting revocation status for a specific certificate. In order for this to […]

This post look towards implementing the OCSP Responder. However, before we move forward with the Install of the OCSP Responder we must first configure the CA to support OCSP for revocation status checking. The OCSP Responder provides revocation information to clients or application requesting revocation status for a specific certificate. In order for this to be accomplished there are certain prerequisites that need to be in place. Some of the prerequisites are different depending on which version of the CA you are using, and whether you are using a Standalone or Enterprise CA. To advertise that revocation status information for a particular CA can be obtained via OCSP, the CA must include a pointer to the OCSP Responder in the certificate. This is done by adding an OCSP URI to the AIA extension of the certificate.

Full ArticleDirectory Services