Default OCSP configuration
- Ann Base (Deactivated)
- Ylva Andersson
- Josefin Klang (Deactivated)
This article includes updates for Nexus OCSP responder 6.3.0.
This article describes the ocsp.conf file installed with Nexus OCSP Responder, that is, the default configuration.
Scramble sensitive configuration parameters
Providers
The order of cryptographic providers used by the Nexus OCSP Responder.
ocsp.providers.1=org.bouncycastle.jce.provider.BouncyCastleProvider
ocsp.providers.2=com.id2tech.security.provider.ID2
ocsp.providers.3=com.id2tech.security.store.ID2StoreValidators
For more information, see Validation section.
CRL Validator
ocsp.validation.1.type=crl
ocsp.validation.1.cacheDir=crls
ocsp.validation.1.provider.1.type=push
ocsp.validation.1.provider.1.listen.url=http://*:8081/CIL Validator
ocsp.validation.2.type=cil
ocsp.validation.2.cacheDir=cils
ocsp.validation.2.provider.1.type=push
ocsp.validation.2.provider.1.listen.url=http://*:8082/Responders
For more information, see OCSP responder section.
Basic Responder
Non Issued Basic Responder
Fallback Responder
Please see the corresponding page: OCSP Fallback Responder
Key Stores
For more information, see Key management section.
Log file
For more information, see System management section.
Java Util Logging level
ocsp.java.util.logging.level - The Java Util Logging level that should be redirected to OCSP agent to be captured.
Possible values: SEVERE, WARNING, INFO, CONFIG, FINE, FINER, FINEST.
SEVERE, WARNING, INFO, CONFIG are redirected with class=oper.
FINE, FINER, FINEST are redirected with class=trace.
Output printed to system err/out is printed with level FINE. For example when enabling debugging of TLS connections with the Java VM parameter: - Djavax.net
.debug=ssl:handshake
Default value
Global log parameters
Â
Copyright 2024 Technology Nexus Secured Business Solutions AB. All rights reserved.
Contact Nexus | https://www.nexusgroup.com | Disclaimer | Terms & Conditions