Configuring the Expiration Check Method for Received Certificates

The validity of the certificates received from the other party in communication can be verified by sending a request to an OCSP (online certificate status protocol) responder (a server that supports OCSP). It is necessary to register the levels of the certificate verification or to register the URL to connect to the OCSP responder. This registration can only be performed by the administrator.

Start the Remote UI and log in to System Manager Mode. Starting Remote UI

Click [Settings/Registration] on the Portal page. Remote UI Screen

Select [Device Management]

[OCSP (Online Certificate Status Protocol) Settings]

Click [Edit].

Select the check box for [Use OCSP (Online Certificate Status Protocol)], and configure the online certificate status protocol (OCSP).

[Certificate Verification Level]
Set whether to disable certificates in situations such as the following:

When the machine cannot connect to the OCSP responder

When a timeout occurs

When expiration cannot be checked, such as when the result of checking the expiration of a certificate via the OCSP responder is unknown

[OCSP Responder Settings]
Specify the URL for connecting to the OCSP responder.

[Custom URL]
When [Use Custom URL] or [Use Certificate URL (Use Custom URL If Certificate URL Cannot Be Retrieved)] is selected, enter the URL of the OCSP responder (ASCII code only, maximum 255 characters).

[Communication Timeout]
Set the time until communication with the OCSP responder times out. The connection is canceled if there is no response from the OCSP responder within the set time.

Click [OK].