Configure the following fields on the Certificate Validation -
OCSP dialog:
Name:
Enter a name for this OCSP connection.
URL Group:
Select a group of OCSP responders from the URL Group
drop-down list.
The Enterprise Gateway attempts to connect to the OCSP responders in the
selected group in a round-robin fashion. It attempts to connect to
the responders with the highest priority first, before connecting to
responders with a lower priority.
You can add, edit, or remove URL Groups by selecting the appropriate
button. For more information on adding and editing URL groups, see the
Configuring URL Groups topic.
User Name:
Requests to OCSP responders can be signed by a user to whom the Sign OCSP
or XKMS Requests privilege has been assigned. Only those users who have
been assigned this privilege are displayed in the drop-down list. For more information
on assigning privileges to users, see the Enterprise Gateway
Users tutorial.
Signing Key:
Click the Signing Key button to open the list of certificates
in the Certificate Store. You can then select the key to use to sign requests
to XKMS responders. This user must have been granted the Sign OCSP or XKMS
Requests privilege.
Validate Response:
If the OCSP responders sign responses, select this checkbox to force
the Enterprise Gateway to validate the signature on the response from the OCSP
responder.
|