[OSL | CCIE_Security] OCSP location on IOS CA server

Mon, 20 Sep 2010 07:54:40 -0700 

Hi all

Does IOS CA server support configuration of OCSP location which will be sent
certificate extensions. I can only see the option to specify the OCSP
location on the client but not on the IOS CA server.

router3(cs-server)#?
CA Server configuration commands:
  auto-rollover  Rollover the CA key and certificate
  cdp-url        CRL Distribution Point to be included in the issued certs
  database       Certificate Server database config parameters
  default        Set a command to its defaults
  exit           Exit from Certificate Server entry mode
  grant          Certificate granting options
  hash           Hash algorithm
  issuer-name    Issuer name
  lifetime       Lifetime parameters
  mode           Mode
  no             Negate a command or set its defaults
  shutdown       Shutdown the Certificate Server




router1(ca-trustpoint)#?
CA Trust Point configuration commands:
  authorization     Authorization parameters.
  auto-enroll       Automatically enroll this router identity
  certificate       certificate options
  chain-validation  Validation parameters
  crl               CRL options
  default           Set a command to its defaults
  enrollment        Enrollment parameters
  exit              Exit from certificate authority trustpoint entry mode
  fingerprint       CA Certificate Fingerprint
  fqdn              include fully-qualified domain name
  hash              Hash algorithm
  ip-address        include ip address
  match             Match a certificate map
  no                Negate a command or set its defaults
  ocsp              OCSP parameters
  on                create keypair on device.
  password          revocation password
  primary           Specify trustpoint as primary
  query             Query parameters
  regenerate        Regenerate keys on re-enrollment
  revocation-check  Revocation checking options
  root              Protocol to get CA certificate
  rsakeypair        Specify rsakeypair for this identity
  serial-number     include serial number
  show              Show this router trustpoint
  source            Specify source
  storage           key and certificate storage location to use with this
trustpoint.
  subject-name      Subject Name
  usage             Certificate Usage
  vrf               vrf to use for enrollment and obtaining CRLs

router1(ca-trustpoint)#ocsp url ?
  WORD  URL

With regards
Kings

_______________________________________________
For more information regarding industry leading CCIE Lab training, please visit 
www.ipexpert.com

Reply via email to