authentication > online-certificate-status-protocol

The online-certificate-status-protocol configuration element is used to configure OCSP validation of clients.

Parameters

ocsp-access-method-list
Select which authentication interfaces will use OCSP validation.
  • Values: "" | SSH | GUI | SSH,GUI
dns-resolver-ip
Enter the IP address of the DNS resolver to use for OCSP validation.
dns-resolver-port
Enter the port of the DNS resolver to use for OCSP validation.
ocsp-responder-fqdn
(Optional) Enter the FQDN of the OCSP resolver to use for OCSP validation.

When this value is set, the SBC uses the value to overwrite the URL found in the Authority Information Access (AIA) field of the client certificate.

Constraints

Enable the Admin Security and FIPs entitlements to configure this element.

This element can only be set after the two-factor-authentication element has been set.

WARNING:

To prevent lockout, import your client X.509 certificates before configuring this element.

Path

The online-certificate-status-protocol element is under the security path.

ORACLE# conf term
ORACLE(configure)# security 
ORACLE(security)# authentication
ORACLE(authentication)# online-certificate-status-protocol
ORACLE(online-certificate-status-protocol)#