OCSP Validation Server

OCSP is a protocol for checking the current validity status of an X.509 certificate online. Swiss IT Security’s OCSP Validation Server offers extensive functionalities for demanding environments.

Real-time status check of X.509 certificates

Validity depends on the integrity of the certificate, its period of validity and its revocation status. It can be determined on the basis of a static certificate revocation list (CRL) or in real time using the OCSP protocol. Swiss IT Security’s OCSP Server is a scalable high-performance server that can be integrated directly into the relevant CA database and securely transmits the requested certificate status to the clients on the basis of a set of rules.



Scalable and high-performance solution

Handles large numbers of OCSP status requests in an Enterprise and IoT environment.

Compliance with CA/Browser Forum Baseline Requirements

Meets the high standards of the CA/Browser Forum

Web-based administration

Role-based, intuitive GUI for administration and reporting

OCSP Validation Server

OCSP is a protocol for on-line checking of the current validity status of an X.509 certificate. The OCSP Validation Server from Swiss IT Security offers extensive functionality for demanding environments.

With the status inquiry via OCSP it can be determined whether a certificate is still valid or blocked. Compared to the status inquiry through certificate revocation lists (CRL), OCSP allows a simple and most notably a timely accurate status check. This is particularly important for transactions where great emphasis is placed on confidentiality, integrity and authenticity. The OSCP has been specified and standardized by the IETF (RFC 6960). From Windows Vista onwards, OCSP is the preferred protocol for querying the status of certificates.

  • Real time status check of X.509 certificates
  • Simple installation and administration
  • High-performance solution through integrated cache
  • Role based administration via a web-based GUI
  • The certificate status is determined on the basis of certificate revocation lists (CRL) or database entries
swiss it security


With the OCSP Validation Server from Swiss IT Security, a database for each CA can be configured and queried, whether the tested serial number of a certificate exists in the database. With this feature, the high requirements of the CA / Browser Forum Baseline Compliance are met in connection with “OCSP Response for non‐issued certificates”.

Web-based Administration

Administration is performed through a web interface with certificate-based authentication. Any number of users can be assigned to configurable groups with finely differentiated rights.
OCSP Validation Server Preview

Maximum security and flexibility

The Validation Server from Swiss IT Security supports any number of file, AD, LDAP or HTTP(S) status codes from various internal or external CA’s. Multistage certificate hierarchies and cross certificates are also supported. All common X.509 extensions are interpreted. The key for signing OCSP responses can be stored in a HSM or a soft token.

Scalable and high-performance solution

sing a HSM, hundreds of OCSP requests can be answered per second. An integration in load balancing or cluster systems ensures high availability and performance. All current status information is stored in a cache, so that in the event of a restart it is immediately available as base for the validation of information and independent of other components.

Request now

Submit your email address and we will get in touch with you shortly

Are you interested in our solution?


Vendors & Certifications

Pioneering products and solutions from the world’s leading vendors



Keyon AG is a leading provider of solutions and services in the areas of IT security and customer-specific software development. The company, which has been operating since 1999, has implemented first-class references and a large number of strategic projects for the federal government and our customers in the areas of finance, insurance, trade, industry and telecommunications. They support their customers in all phases of the project and like to be measured by the success of their work.

We also offer

Pioneering products and solutions from world-leading manufacturers

Jetzt herunterladen

Vielen Dank für Ihr Interesse!

Sie können das Infoblatt unter folgendem Link herunterladen.