OCSP part 2 – Create a Revocation Configuration

After installing OCSP component in Windows, it is time to configure the service: how OCSP requests are going to be handled; from where to receive the CRL, specify OCSP certificate, etc.

  1. Open the Online Responder snap-in.

  2. Click on Revocation Configuration.

  3. The list of available configuration is empty.

  4. Add a new revocation configuration.

  5. The configuration wizard opens.

  6. Give a name for the new configuration.

  7.  Inform the location of the CA. My CA is a Windows Enterprise CA, so its configuration is stored in the AD.

  8. Give the information of the signing certificate. Just leave the default values.
  9. Configure the provider. That is, where OCSP can retrieve the information of revoled certificates.

  10. I am using the AD for obtaining this information.

  11. After this, the necessary information for the provider is given and the wizard can start with performing the actual configuration.

  12. This ends the wizard. Afterwards, the status can be seen in the pane.

One thought on “OCSP part 2 – Create a Revocation Configuration

  1. Pingback: Online Certificate Status Protocol | It`s full of stars!

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.