ocspd.cfg (2837B)
1 # This Source Code Form is subject to the terms of the Mozilla Public 2 # License, v. 2.0. If a copy of the MPL was not distributed with this 3 # file, You can obtain one at http://mozilla.org/MPL/2.0/. 4 5 scenario OCSPD 6 7 #root CA 8 entity OCSPRoot 9 type Root 10 export_key 11 12 #CA - OK 13 entity OCSPCA1 14 type Intermediate 15 issuer OCSPRoot 16 serial 1 17 ocsp online 18 export_key 19 20 #CA - revoked 21 entity OCSPCA2 22 type Intermediate 23 issuer OCSPRoot 24 serial 2 25 ocsp online 26 export_key 27 28 #CA - unknown status 29 entity OCSPCA3 30 type Intermediate 31 issuer OCSPRoot 32 serial 3 33 ocsp offline 34 export_key 35 36 #EE - OK 37 entity OCSPEE11 38 type EE 39 issuer OCSPCA1 40 serial 1 41 ocsp online 42 43 #EE - revoked on OCSP 44 entity OCSPEE12 45 type EE 46 issuer OCSPCA1 47 serial 2 48 ocsp online 49 50 #EE - revoked on CRL 51 entity OCSPEE13 52 type EE 53 issuer OCSPCA1 54 serial 3 55 ocsp online 56 57 #EE - revoked on OCSP and CRL 58 entity OCSPEE14 59 type EE 60 issuer OCSPCA1 61 serial 4 62 ocsp online 63 64 #EE - unknown status 65 entity OCSPEE15 66 type EE 67 issuer OCSPCA1 68 serial 5 69 ocsp offline 70 71 #EE - valid EE, revoked CA 72 entity OCSPEE21 73 type EE 74 issuer OCSPCA2 75 serial 1 76 ocsp online 77 78 #EE - revoked EE, revoked CA 79 entity OCSPEE22 80 type EE 81 issuer OCSPCA2 82 serial 2 83 ocsp online 84 85 #EE - revoked EE, CA pointing to invalid OCSP 86 entity OCSPEE23 87 type EE 88 issuer OCSPCA2 89 serial 3 90 ocsp offline 91 92 #EE - valid EE, CA pointing to invalid OCSP 93 entity OCSPEE31 94 type EE 95 issuer OCSPCA3 96 serial 1 97 ocsp online 98 99 #EE - revoked EE, CA pointing to invalid OCSP 100 entity OCSPEE32 101 type EE 102 issuer OCSPCA3 103 serial 2 104 ocsp online 105 106 #EE - EE pointing to invalid OCSP, CA pointing to invalid OCSP 107 entity OCSPEE33 108 type EE 109 issuer OCSPCA3 110 serial 3 111 ocsp offline 112 113 crl OCSPRoot 114 115 revoke OCSPRoot 116 serial 2 117 118 crl OCSPCA1 119 120 revoke OCSPCA1 121 serial 2 122 123 revoke OCSPCA1 124 serial 4 125 126 crl OCSPCA2 127 128 revoke OCSPCA2 129 serial 2 130 131 revoke OCSPCA2 132 serial 3 133 134 crl OCSPCA3 135 136 revoke OCSPCA3 137 serial 2 138 139 revoke OCSPCA3 140 serial 3 141 142 # Used for running a single OCSP server (httpserv) instance that can 143 # handle multiple CAs, e.g.: 144 # httpserv -p 8641 -d . -f dbpasswd \ 145 # -A OCSPRoot -C OCSPRoot.crl -A OCSPCA1 -C OCSPCA1.crl \ 146 # -A OCSPCA2 -C OCSPCA2.crl -A OCSPCA3 -C OCSPCA3.crl 147 db Server 148 import OCSPRoot::CT,C,C 149 import_key OCSPRoot 150 import_key OCSPCA1 151 import_key OCSPCA2 152 import_key OCSPCA3 153 154 # A DB containing all certs, but no keys. 155 # Useful for manual OCSP client testing, e.g.: 156 # ocspclnt -d . -S OCSPEE12OCSPCA1 -u s 157 db Client 158 import OCSPRoot::CT,C,C 159 import OCSPCA1OCSPRoot:: 160 import OCSPCA2OCSPRoot:: 161 import OCSPCA3OCSPRoot:: 162 import OCSPEE11OCSPCA1:: 163 import OCSPEE12OCSPCA1:: 164 import OCSPEE13OCSPCA1:: 165 import OCSPEE14OCSPCA1:: 166 import OCSPEE15OCSPCA1:: 167 import OCSPEE21OCSPCA2:: 168 import OCSPEE22OCSPCA2:: 169 import OCSPEE23OCSPCA2:: 170 import OCSPEE31OCSPCA3:: 171 import OCSPEE32OCSPCA3:: 172 import OCSPEE33OCSPCA3::