Secure Mobile Access 12.4 Administration Guide

Configuring an OCSP Responder

Use the OCSP page in AMC to configure global settings for an OCSP responder. The OCSP responder can be referenced when configuring a PKI authentication server.

Just importing a CA certificate and enabling OCSP is not sufficient for OCSP to work. You must import the OCSP response signing certificate for the CA certificate being used and enable OCSP response verification when importing it. See Importing CA Certificates.

To configure an OCSP responder

  1. In the AMC, navigate to System Configuration > SSL Settings.

  2. In the CA Certificates section, on the OCSP line, click Edit.

    The OCSP page displays.

  3. In the Default responder URL field, enter the URL of the OCSP responder server.

  4. In the Maximum clock skew field, enter the maximum number of seconds that the OCSP response time can differ from the local time. The default value is 300 seconds, the minimum is 1 second, and the maximum is 3600 seconds.
  5. Click Save.

Was This Article Helpful?

Help us to improve our support portal

Techdocs Article Helpful form

Techdocs Article NOT Helpful form

  • Still can't find what you're looking for? Try our knowledge base or ask our community for more help.