Configuring an OCSP Responder
Use the OCSP page in AMC to configure global settings for an OCSP responder. The OCSP responder can be
referenced when configuring a PKI authentication server.
Just importing a CA certificate and enabling OCSP is not sufficient for OCSP to work. You must
import the OCSP response signing certificate for the CA certificate being used and enable OCSP response
verification when importing it. See Importing CA Certificates.
To configure an OCSP responder
In the AMC, navigate to System Configuration > SSL Settings.
In the CA Certificates section, on the OCSP line, click Edit.
The OCSP page displays.
In the Default responder URL field, enter the URL of the OCSP responder server.
- In the Maximum clock skew field, enter the maximum number of seconds that the OCSP response time
can differ from the local time. The default value is 300 seconds, the minimum is 1 second, and the
maximum is 3600 seconds.
Was This Article Helpful?
Help us to improve our support portal