Online certificate status protocol (OCSP)

Online certificate status protocol (OCSP) is a common scheme that enterprises may use to maintain the security of a server and other network resources. If you have enabled certificate-based authentication in EAA, you can use OCSP to validate certificates. To do so, provide the URL of the OCSP responder that EAA uses to validate the certificate. How OCSP is configured depends on the type of OCSP server, of which there are two:
  • Internal: If the OCSP server is within the enterprise network and not reachable from the public internet, it is internal. OCSP deploys to an EAA connector from which the service is reachable.
  • External: If the OCSP server is reachable from the public internet, it is external. OCSP does not deploy on an EAA connector. Instead, the EAA cloud sends requests to the OCSP server directly.
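
A pre-check for choosing between the two types, as an added example that is not part of the product or its documentation: it classifies a responder URL as internal or external. It assumes a responder is external only when every address it resolves to is globally routable; `classify_ocsp_responder`, `sample_resolver` and the sample hostnames and addresses are constructed for illustration.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

# Constructed sample DNS answers so the example runs offline.
SAMPLE_DNS = {
    "ocsp.corp.example": {"10.20.30.40"},
    "ocsp.pki.example.com": {"8.8.8.8"},
    "ocsp.split.example": {"8.8.8.8", "192.168.1.5"},
}


def sample_resolver(host):
    """Hypothetical offline resolver backed by SAMPLE_DNS."""
    return SAMPLE_DNS.get(host, set())


def system_resolver(host):
    """Resolve with the local resolver; run it from outside the enterprise."""
    infos = socket.getaddrinfo(host, None, proto=socket.IPPROTO_TCP)
    return {info[4][0].split("%")[0] for info in infos}


def classify_ocsp_responder(url, resolver=system_resolver):
    """Return 'internal' or 'external' for an OCSP responder URL.

    Assumption: external means every resolved address is globally routable.
    """
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise ValueError(f"not a usable OCSP responder URL: {url!r}")
    host = parts.hostname
    try:
        addrs = {ipaddress.ip_address(host)}  # IP literal, no lookup needed
    except ValueError:
        addrs = {ipaddress.ip_address(a) for a in resolver(host)}
    if not addrs:
        raise ValueError(f"{host} did not resolve")
    # One private, loopback or CGNAT address is enough to treat it as internal.
    return "external" if all(a.is_global for a in addrs) else "internal"


if __name__ == "__main__":
    for name in SAMPLE_DNS:
        print(name, classify_ocsp_responder(f"http://{name}/ocsp", sample_resolver))
```

A globally routable address can still be blocked by a firewall, so treat an "external" result as a candidate and confirm that the responder answers from outside the enterprise network.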