Users Guide
ocsp-server
Configures OCSP server on a CA.
Syntax
ocsp-server url [nonce] [sign-requests]
Parameters
url Enter the URL for the OCSP responder using standard URI format. Either http or https
protocol can be used. For example, http://[1100::101]:8888.
nonce Enter the keyword nonce to use the nonce feature for the OCSP requests to OCSP
responder communication. This number is a one-time value that must be returned in the
OCSP response. If the OCSP responder is using precomputed responses, then it does not
reply with the nonce. The nonce feature is off by default. The no version of the command
disables the nonce feature.
sign-requests Enter the keyword sign-requests to sign the OCSP requests to OCSP responder
communication with the system’s own certificate so that the OCSP responder may verify
the requestor. The sign-requests feature is off by default. The no version of the
command disables signing of requests.
Defaults None.
Command Modes CERTIFICATE
Command History
This guide is platform-specific. For command information about other platforms, see the relevant Dell Networking
OS Command Line Reference Guide.
The following is a list of the Dell Networking OS version history for this command:
Version Description
9.11.0.0 Introduced this command.
Usage Information The following RBAC roles are allowed to issue this command:
• sysadmin
• secadmin
Multiple OCSP responders may be configured per CA. The system tries each one until it gets a valid response. No
priority may be specified or guaranteed; the system tries them in the order in which they were configured.
Related Commands
• crypto x509 ocsp
ocsp-server prefer
Configures OCSP responder preference. You can configure the preference or order that the CA or a device should follow while contacting
multiple OCSP responders.
Syntax
ocsp-server prefer
Defaults None.
Command Modes CERTIFICATE
X.509v3 1707