Configuring the Expiration Check Method for Received Certificates
84LY-0J3
There are two methods for verifying whether certificates received from the other party in communication are valid: Comparing with the certificate revocation list (CRL) registered in the machine and querying an OCSP (online certificate status protocol) responder (a server that supports OCSP). Set the method for checking the expiration of certificates according to your environment. This registration can only be performed by the administrator.
You can use the Remote UI to register a certificate revocation list (CRL). For information on the CRLs that can be registered on the machine, see System Specifications.
Click [Settings/Registration] on the portal page. Remote UI Screen
3
Click [Device Management] [OCSP (Online Certificate Status Protocol) Settings].
4
Select the check box for [Use OCSP (Online Certificate Status Protocol)], and configure the online certificate status protocol (OCSP).
[Certificate Verification Level]
Set whether to disable certificates in situations such as the following:
When the machine cannot connect to the OCSP responder
When a timeout occurs
When expiration cannot be checked, such as when the result of checking the expiration of a certificate via the OCSP responder is unknown
[OCSP Responder Settings]
Specify the URL for connecting to the OCSP responder.
[Custom URL]
When [Use custom URL] or [Use Certificate URL (Use Custom URL If Certificate URL Cannot Be Retrieved)] is selected, enter the URL of the OCSP responder (ASCII code only, maximum 255 characters).
[Communication Timeout]
Set the time until communication with the OCSP responder times out. The connection is canceled if there is no response from the OCSP responder within the set time.
This site uses cookies to provide its contents and functions and improve their qualities etc. You can find out more about our use of the cookies here. If you select "Reject", only cookies necessary to provide the contents and functions of the site are recorded and stored.