OCSP Validation Server

OCSP is a protocol for checking the current validity status of an X.509 certificate online. Swiss IT Security’s OCSP Validation Server offers extensive functionalities for demanding environments.

Real-time status check of X.509 certificates

Validity depends on the integrity of the certificate, its period of validity and its revocation status. It can be determined on the basis of a static certificate revocation list (CRL) or in real time using the OCSP protocol. Swiss IT Security’s OCSP Server is a scalable high-performance server that can be integrated directly into the relevant CA database and securely transmits the requested certificate status to the clients on the basis of a set of rules.





      Scalable and high-performance solution

      Handles large numbers of OCSP status requests in an Enterprise and IoT environment.

      Compliance with CA/Browser Forum Baseline Requirements

      Meets the high standards of the CA/Browser Forum

      Web-based administration

      Role-based, intuitive GUI for administration and reporting

      OCSP Validation Server

      OCSP is a protocol for on-line checking of the current validity status of an X.509 certificate. The OCSP Validation Server from Swiss IT Security offers extensive functionality for demanding environments.

      With the status inquiry via OCSP it can be determined whether a certificate is still valid or blocked. Compared to the status inquiry through certificate revocation lists (CRL), OCSP allows a simple and most notably a timely accurate status check. This is particularly important for transactions where great emphasis is placed on confidentiality, integrity and authenticity. The OSCP has been specified and standardized by the IETF (RFC 6960). From Windows Vista onwards, OCSP is the preferred protocol for querying the status of certificates.

      • Real time status check of X.509 certificates
      • Simple installation and administration
      • High-performance solution through integrated cache
      • Role based administration via a web-based GUI
      • The certificate status is determined on the basis of certificate revocation lists (CRL) or database entries
      swiss it security


      With the OCSP Validation Server from Swiss IT Security, a database for each CA can be configured and queried, whether the tested serial number of a certificate exists in the database. With this feature, the high requirements of the CA / Browser Forum Baseline Compliance are met in connection with “OCSP Response for non‐issued certificates”.

      Web-based Administration

      Administration is performed through a web interface with certificate-based authentication. Any number of users can be assigned to configurable groups with finely differentiated rights.
      OCSP Validation Server Preview

      Maximum security and flexibility

      The Validation Server from Swiss IT Security supports any number of file, AD, LDAP or HTTP(S) status codes from various internal or external CA’s. Multistage certificate hierarchies and cross certificates are also supported. All common X.509 extensions are interpreted. The key for signing OCSP responses can be stored in a HSM or a soft token.

      Scalable and high-performance solution

      sing a HSM, hundreds of OCSP requests can be answered per second. An integration in load balancing or cluster systems ensures high availability and performance. All current status information is stored in a cache, so that in the event of a restart it is immediately available as base for the validation of information and independent of other components.

      Request now

      Submit your email address and we will get in touch with you shortly

      Are you interested in our solution?

      Vendors & Certifications

      Pioneering products and solutions from the world’s leading vendors



      Keyon AG is a leading provider of solutions and services in the areas of IT security and customer-specific software development. The company, which has been operating since 1999, has implemented first-class references and a large number of strategic projects for the federal government and our customers in the areas of finance, insurance, trade, industry and telecommunications. They support their customers in all phases of the project and like to be measured by the success of their work.

      We also offer

      Pioneering products and solutions from world-leading manufacturers

      Jetzt herunterladen

      Vielen Dank für Ihr Interesse!

      Sie können das Infoblatt unter folgendem Link herunterladen.