Ocsp: Agent Services; Listing Cas Identified By The Ocsp; Identifying A Ca To The Ocsp - Red Hat CERTIFICATE SYSTEM 7.2 - AGENT GUIDE Manual

Chapter 7. OCSP: Agent Services
This chapter describes how to perform Online Certificate Status Manager (OCSP) agent tasks, such as identifying a CA to
the OCSP and adding a CRL to the OCSP's internal database. This service is available only when the OCSP subsystem is
installed. The OCSP agent services page allows authorized agents to accomplish these tasks.
NOTE
For this documentation, Online Certificate Status Manager is abbreviated OCSP.

1. Listing CAs Identified by the OCSP

The OCSP can be configured to receive CRLs from multiple Certificate Managers. Each Certificate Manager that can pub-
lish CRLs to the OCSP must have its CA signing certificate stored in the internal database of the OCSP. For instructions,
refer to Section 2, "Identifying a CA to the OCSP".
The list of Certificate Managers currently recognized by the OCSP can be viewed at any time. To see the list of Certificate
Managers, do the following:
1. Open the OCSP agent services page.
2. In the left frame, click List Certificate Authorities.

2. Identifying a CA to the OCSP

The OCSP can be configured to receive CRLs from multiple Certificate Managers. Before configuring a Certificate Man-
ager to publish CRLs to the OCSP, first identify the Certificate Manager to the OCSP by storing the Certificate Manager's
CA signing certificate in the internal database of the OCSP.
Figure 7.1. OCSP List Certificate Authorities Page
49 Chapter 7. OCSP: Agent Services