PKI – Understanding OCSP (Online Certificate Status Protocol #2

Log into the certificate authority (CA)

Publish the template


Configure the AIA settings on the CA


In this example, a separate computer will run NDES and OCSP.

Launch the server manager and install the following “roles”.


Note: Only new certificates will have the OCSP extension.

Test the URL from the client device.

  1. Export the certificate from the MMC console
  2. Use the certutil command

Configure RADIUS (Cisco ISE) with the OCSP URL

Create an OCSP profile

Save.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.