ocsp responder name server

1285

Views

Helpful

Replies

Hi,

I have the below questions about OCSP responder server address resolution during client certificate validation (example: freeradius-server uses ocsp name server for certificate status check)

1. How are we resolving the OCSP responder IP address from the name server ? Are we using DNS/DNSSEC (unbound APIs) 2. Do we really need to do DNSSEC validation for resolving OCSP domain names?

3. what is the use of the rlm_unbound module in freeradius-server package? Can I use it for resolving OCSP

Thank you for the time and help

Regards

Simon

0 Replies 0

Learn, share, save

Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.

New here? Get started with these tips. How to use Community New member guide

Review Cisco Networking for a $25 gift card