Nexus OCSP Responder architecture overview
This figure describes Nexus OCSP Responder with its components and their external interfaces.
The logical OCSP responders make up the interface exposed to the OCSP clients, which typically may be web browsers, mail clients etc.
The logical OCSP responders can either forward the request to a remote responder (see Back end client section), or query local data in the CRL/CIL cache (see Validation section). The CRL/CIL cache is provided with fresh CRLs by pull and push methods and CILs by push methods (see Validation section).
To save time, the responses from certain root CAs can be cached (see OCSP response cache section).
Key management handles all the keys needed for signing OCSP responses and for TLS client and server authentication (see Key management section).
System management (see System management section) contains the agent that listens to all log messages. If Nexus OCSP Responder works in an environment that includes a built-in system monitor – a supervisor, the agent can also send signals to and receive signals from the supervisor.
The workflow for different types of OCSP responders is described in Workflow for Nexus OCSP Responders.
Related information
Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions