Online certificate status protocol
Suggest changes
-
PDF of this doc site
- Cluster administration
-
Volume administration
- Logical storage management with the CLI
-
NAS storage management
- Configure NFS with the CLI
- Manage NFS with the CLI
-
Manage SMB with the CLI
- Manage file access using SMB
- Security and data encryption
- Data protection and disaster recovery
Collection of separate PDF docs
Creating your file...
This may take a few minutes. Thanks for your patience.
Your file is ready
Online Certificate Status Protocol (OCSP) enables ONTAP applications that use TLS communications, such as LDAP or TLS, to receive digital certificate status when OCSP is enabled. The application receives a signed response signifying that the certificate requested is good, revoked, or unknown.
OCSP enables determination of the current status of a digital certificate without requiring certificate revocation lists (CRLs).
By default, OCSP certificate status checking is disabled. It can be turned on with the command security config ocsp enable -app name
, where the app name can be autosupport
, audit_log
, fabricpool
, ems
, kmip
, ldap_ad
, ldap_nis_namemap
, or all. The command requires advanced privilege level.