Specify online certificate status protocol responder in issued certificates

  • Article

Applies To: Windows Server 2003, Windows Server 2003 R2, Windows Server 2003 with SP1, Windows Server 2003 with SP2

To specify online certificate status protocol (OCSP) responder in issued certificates

  1. Log on to the system as a Certification Authority Administrator.

  2. Open Certification Authority.

  3. In the console tree, click the certification authority.

    Where?

    • Certification Authority (Computer)/CA name

  4. On the Action menu, click Properties.

  5. On the Extensions tab, under Select extension, click Authority Information Access (AIA).

  6. Do one or more of the following. (The list of OCSP responders is in the Specify locations from which users can obtain a certificate revocation list (CRL) box.)

    To Do this

    Add a new OCSP responder.

    Click Add, type in the URL of the new CRL distribution point, and then click OK.

    Remove a OCSP responder from the list.

    Click the OCSP responder, click Remove, and then click OK.

    Indicate that you do not want to use a URL as an OCSP responder.

    Click the OCSP responder, clear the Include in the online certificate status protocol (OCSP) extension check box, and then click OK.

    Indicate that you want to use a URL as an OCSP responder.

    Click the OCSP responder, select the Include in the online certificate status protocol (OCSP) extension check box, and then click OK.

  7. On the Action menu, point to All Tasks, click Stop Service, and on the Action menu, point to All Tasks, and then click Start Service.

Notes

  • To open Certification Authority, click Start, click Control Panel, double-click Administrative Tools, and then double-click Certification Authority.

  • OCSP responder list URLs must be formatted as HTTP addresses.

Information about functional differences

  • Your server might function differently based on the version and edition of the operating system that is installed, your account permissions, and your menu settings. For more information, see Viewing Help on the Web.

See Also

Concepts

Working with MMC console files
Certificate revocation
Revoke an issued certificate
Schedule the publication of the certificate revocation list
Manually publish the certificate revocation list
View the certificate revocation list
Specify CA certificate access points in issued certificates