OpenCA OCSP Responder
The OpenCA OCSP Responder is an RFC 2560 compliant OCSPD responder. It can be used to verify the status of a certificate using OCSP clients (such as Mozilla/Netscape7). The Responder is actually included in the main OpenCA distribution package. It is also possible to install the daemon as a stand-alone application, in which case you will need a CRL (or access to an LDAP server where the CRL can be obtained).
| Tags | Security Cryptography |
|---|---|
| Licenses | BSD Revised |
| Operating Systems | Unix Mac OS X POSIX BSD Linux Solaris |
| Implementation | C |
Recent releases
- 12 Feb 2011 09:54
Release Notes: This version updates default configuration files (default passin is set to none), adds enhanced support for ECDSA, and updates thread management with built-in support from LibPKI 0.6.3. The start/stop script, a memory error in config.c that caused a segfault on CRL reload, and an extra two bytes sent out after the DER encoding of the response is written, which was causing Firefox/Thunderbird not to validate the answer were fixed. An error in the return code check for PKI_NET_listen was also fixed, along with an error in config parsing when no bind address was provided.
- 18 Nov 2010 00:34
Release Notes: Extensive support for hardware devices (PKCS#11 and OpenSSL Engine), multiple keypair and certificate support for response signatures, POST and GET support, and IPv6 support.
- 21 Oct 2006 15:21
Release Notes: Thread support was added. HTTP header parsing was improved.
- 18 Jul 2006 10:55
Release Notes: The requirement for the index file option in the configuration file has been removed (it was not used).
- 28 Apr 2005 01:59
Release Notes: RPM installation fixes, a revised server architecture that was fixed to be used with HSM via OpenSSL's ENGINE interface, and support for downloading CRL/CA certificates via HTTP/LDAP.
madwolf
09 Nov 2004 05:23
Heartbeat
- Popularity Score
- 115.80
- Vitality Score
- 8.08
- Subscriptions
- 22
