authentication > online-certificate-status-protocol
The online-certificate-status-protocol configuration element is used to configure OCSP validation of clients.
Parameters
- ocsp-access-method-list
- Select which authentication interfaces will use OCSP
validation.
- Values: "" | SSH | GUI | SSH,GUI
- dns-resolver-ip
- Enter the IP address of the DNS resolver to use for OCSP validation.
- dns-resolver-port
- Enter the port of the DNS resolver to use for OCSP validation.
- ocsp-responder-fqdn
- (Optional) Enter the FQDN of the OCSP resolver to use for OCSP
validation.
When this value is set, the SBC uses the value to overwrite the URL found in the Authority Information Access (AIA) field of the client certificate.
Constraints
Enable the Admin Security and FIPs entitlements to configure this element.
This element can only be set after the two-factor-authentication element has been
set.
WARNING:
To prevent lockout, import your client X.509 certificates before configuring this element.Path
The online-certificate-status-protocol element is under the security path.
ORACLE# conf term
ORACLE(configure)# security
ORACLE(security)# authentication
ORACLE(authentication)# online-certificate-status-protocol
ORACLE(online-certificate-status-protocol)#