How to test a OCSP server

The other day, I installed a OCSP server in Windows 2012 R2 and got the need of testing it.
I have found two different ways. In Windows, using the tool certutil:

# certutil.exe -url cert.pem

It will open a window where we can test all the revocation methods listed in the certificate. To test OCSP, we select it under “recovery” and click the button.

OCSP test with certutil
OCSP test with certutil

In Linux we can test OCSP with OpenSSL, this line does the trick:

# openssl ocsp --issuer ca.pem -nonce -CAfile ca.pem -url http://ocsp.server/ocsp -cert mycert.pem

OpenSSL OCSP test
OpenSSL OCSP test

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s