Home > ADSS OCSP Service


ADSS OCSP Service is an advanced implementation of Online Certificate Status Protocol (OCSP) that provides revocation status information for x.509 certificates, based on either CRLs or real-time certificate information. It is a validation authority, which is fully compliant to the IETF RFC 6960 and partially to RFC 5019 standards (to support client side caching). ADSS OCSP Service can be configured to provide revocation status of digital certificates issued by multiple CAs, defined within the Trust Manager.  

ADSS OCSP Service excels because of its sophisticated validation policies and FIPS 201 compliance.  It offers excellent scalability, resilience and the ability to pre-define multiple CAs and their individual validation policies.  It can monitor and check multiple CRL locations and digest these to offer high performance.  The attention to detail in security management, including optional dual control of specific features, management reporting and transaction log views of validation information, are in advance of anything seen elsewhere, and these aspects are key to minimising operational time and costs. 

ADSS Server OCSP Service supports many unique and innovative features, including:

The following image shows the OCSP Service sub-modules, details of which are given in the next sections:

Support for Multiple Trust Models
Multiple CA and Unique Certificate Validation Policies
Configuring the OCSP Service
Advanced Settings
Forwarding Modes
Access Control
Transactions Log Viewer
Logs Archiving
Management Reporting
Optimising ADSS OCSP Server Performance
Operating OCSP Service in FIPS 201 Compliant Mode
OCSP Service Interface URLs

See also

ADSS Server Knowledge Base