OCSP part 2 – Create a Revocation Configuration

Let the world know ...Tweet about this on TwitterShare on Google+0Share on Facebook0Email this to someoneShare on LinkedIn0

After installing OCSP component in Windows, it is time to configure the service: how OCSP requests are going to be handled; from where to receive the CRL, specify OCSP certificate, etc.

  1. Open the Online Responder snap-in.

  2. Click on Revocation Configuration.

  3. The list of available configuration is empty.

  4. Add a new revocation configuration.

  5. The configuration wizard opens.

  6. Give a name for the new configuration.

  7.  Inform the location of the CA. My CA is a Windows Enterprise CA, so its configuration is stored in the AD.

  8. Give the information of the signing certificate. Just leave the default values.
  9. Configure the provider. That is, where OCSP can retrieve the information of revoled certificates.

  10. I am using the AD for obtaining this information.

  11. After this, the necessary information for the provider is given and the wizard can start with performing the actual configuration.

  12. This ends the wizard. Afterwards, the status can be seen in the pane.

Let the world know ...Tweet about this on TwitterShare on Google+0Share on Facebook0Email this to someoneShare on LinkedIn0

One thought on “OCSP part 2 – Create a Revocation Configuration

  1. Pingback: Online Certificate Status Protocol | It`s full of stars!

Leave a Reply

Your email address will not be published. Required fields are marked *