It has been designed to operate as a robust validation hub solution, capable of providing OCSP certificate validation services for multiple Certificate Authorities (CAs) concurrently! Simple or sophisticated validation policies are supported for each individual CA and ADSS OCSP Server provides a detailed historical record of all transactions together with an easy to use OCSP request & response viewer – essential for either billing and/or troubleshooting within managed service infrastructures or enterprise systems.
ADSS OCSP Server
Respond for multiple CAs from a single ADSS OCSP Server instance. Configure separate validation policy for each CA, including unique OCSP signing keys and certificates. OCSP server certificates can optionally be issued using a built-in CA and auto renewed.
Retrieve certificate status information from CAs using multiple methods, e.g. HTTP/S CRLs, LDAP/S CRLs, peer OCSP responders and real-time revocation information using CA’s database. Configure which input feed to use on a per CA basis.
Meet latest RFC 6960 and CAB Forum white-list checking requirements. The OCSP server can check if the certificate was actually issued by the CA (supports the Extended Revoked Definition extension of RFC 6960) a countermeasure against recent attacks on some CAs which resulted in the issue of fake certificates.
Ascertia provides an RFC 6960 compliant OCSP service for several CAs. You can also use your RFC 6960 compliant OCSP client applications against this service (see the note below). Alternatively you can perform a simple manual certificate validation using the web form below.
IT Manager Nikken UK Ltd