Configuring the Expiration Check Method for Received Certificates
You can verify whether the certificate received from the other party during communication is valid by sending a query to the OCSP (online certificate status protocol) responder (a server that supports OCSP). Configure the certificate verification level and the OCSP responder to connect to. These should be registered by the administrator.
1
Start the Remote UI and log in to System Manager Mode.
Starting Remote UI2
Click [Settings/Registration] on the Portal page.
Remote UI Screen3
Select [Device Management]
[OCSP (Online Certificate Status Protocol) Settings].
4
Click [Edit].
5
Select the check box for [Use OCSP (Online Certificate Status Protocol)], and configure the online certificate status protocol (OCSP).
[Certificate Verification Level]
Set whether to disable certificates in situations such as the following:
When the machine cannot connect to the OCSP responder
When a timeout occurs
When expiration cannot be checked, such as when the result of checking the expiration of a certificate via the OCSP responder is unknown
[OCSP Responder Settings]
Specify the URL for connecting to the OCSP responder.
[Custom URL]
When [Use Custom URL] or [Use Certificate URL (Use Custom URL If Certificate URL Cannot Be Retrieved)] is selected, enter the URL of the OCSP responder (ASCII code only, maximum 255 characters).
[Communication Timeout]
Set the time until communication with the OCSP responder times out. The connection is canceled if there is no response from the OCSP responder within the set time.
6
Click [OK].