Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Current »

This figure describes Nexus OCSP Responder with its components and their external interfaces.

  • The logical OCSP responders make up the interface exposed to the OCSP clients, which typically may be web browsers, mail clients etc.
  • The logical OCSP responders can either forward the request to a remote responder (see Back end client section), or query local data in the CRL/CIL cache (see Validation section). The CRL/CIL cache is provided with fresh CRLs by pull and push methods and CILs by push methods (see Validation section).
  • To save time, the responses from certain root CAs can be cached (see OCSP response cache section).
  • Key management handles all the keys needed for signing OCSP responses and for TLS client and server authentication (see Key management section).
  • System management (see System management section) contains the agent that listens to all log messages. If Nexus OCSP Responder works in an environment that includes a built-in system monitor – a supervisor, the agent can also send signals to and receive signals from the supervisor.
  • The workflow for different types of OCSP responders is described in Workflow for Nexus OCSP Responders.
  • No labels