aam authentication server ocsp

Configure an authentication-server profile for an Online Certificate Status Protocol (OCSP) server.

ocsp Specification

Type Configuration Resource
Element Name ocsp
Element URI /axapi/v3/aam/authentication/server/ocsp
Element Attributes ocsp_attributes
Statistics Data URI /axapi/v3/aam/authentication/server/ocsp/stats
Schema ocsp schema

Operations Allowed:

Operation Method URI Payload

Create Object

POST

/axapi/v3/aam/authentication/server/ocsp

ocsp Attributes

Get Object

GET

/axapi/v3/aam/authentication/server/ocsp

ocsp Attributes

Modify Object

POST

/axapi/v3/aam/authentication/server/ocsp

ocsp Attributes

Replace Object

PUT

/axapi/v3/aam/authentication/server/ocsp

ocsp Attributes

Delete Object

DELETE

/axapi/v3/aam/authentication/server/ocsp

ocsp Attributes

Get Stats

GET

/axapi/v3/aam/authentication/server/ocsp/stats

stats data

ocsp Attributes

instance-list

Description: instance-list is a JSON List . Please see below for instance-list

Type: List

Reference Object: /axapi/v3/aam/authentication/server/ocsp/instance/{name}

sampling-enable

Description: sampling-enable is a JSON List . Please see below for sampling-enable

Type: List

uuid

Description: uuid of the object

Type: string

sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘stapling-certificate-good’: Total OCSP Stapling Good Certificate Response; ‘stapling-certificate-revoked’: Total OCSP Stapling Revoked Certificate Response; ‘stapling-certificate-unknown’: Total OCSP Stapling Unknown Certificate Response; ‘stapling-request-normal’: Total OSCP Stapling Normal Request; ‘stapling-request-dropped’: Total OCSP Stapling Dropped Request; ‘stapling-response-success’: Total OCSP Stapling Success Response; ‘stapling-response-failure’: Total OCSP Stapling Failure Response; ‘stapling-response-error’: Total OCSP Stapling Error Response; ‘stapling-response-timeout’: Total OCSP Stapling Timeout Response; ‘stapling-response-other’: Total OCSP Stapling Other Response; ‘request-normal’: Total OSCP Normal Request; ‘request-dropped’: Total OCSP Dropped Request; ‘response-success’: Total OCSP Success Response; ‘response-failure’: Total OCSP Failure Response; ‘response-error’: Total OCSP Error Response; ‘response-timeout’: Total OCSP Timeout Response; ‘response-other’: Total OCSP Other Response; ‘job-start-error’: Total OCSP Job Start Error; ‘polling-control-error’: Total OCSP Polling Control Error;

Type: string

Supported Values: all, stapling-certificate-good, stapling-certificate-revoked, stapling-certificate-unknown, stapling-request-normal, stapling-request-dropped, stapling-response-success, stapling-response-failure, stapling-response-error, stapling-response-timeout, stapling-response-other, request-normal, request-dropped, response-success, response-failure, response-error, response-timeout, response-other, job-start-error, polling-control-error

instance-list

Specification
Type list
Block object keys

health-check

Description: Check server’s health status

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check and health-check-disable are mutually exclusive

health-check-disable

Description: Disable configured health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: health-check-disable and health-check are mutually exclusive

health-check-string

Description: Health monitor name

Type: string

Reference Object: /axapi/v3/health/monitor

name

Description: Specify OCSP authentication server name

Type: string

Format: string-rlx

port-health-check

Description: Check port’s health status

Type: string

Mutual Exclusion: port-health-check and port-health-check-disable are mutually exclusive

Reference Object: /axapi/v3/health/monitor

port-health-check-disable

Description: Disable configured port health check configuration

Type: boolean

Supported Values: true, false, 1, 0

Default: 0

Mutual Exclusion: port-health-check-disable and port-health-check are mutually exclusive

responder-ca

Description: Specify the trusted OCSP responder’s CA cert filename

Type: string

responder-cert

Description: Specify the trusted OCSP responder’s cert filename

Type: string

sampling-enable

Description: sampling-enable is a JSON List . Please see below for sampling-enable

Type: List

url

Description: Specify the OCSP server’s address (Format: http://host[:port]/ ) (The OCSP server’s address(Format: http://host[:port]/ ))

Type: string

Format: string-rlx

uuid

Description: uuid of the object

Type: string

instance-list.sampling-enable

Specification
Type list
Block object keys

counters1

Description: ‘all’: all; ‘request’: Request; ‘certificate-good’: Good Certificate Response; ‘certificate-revoked’: Revoked Certificate Response; ‘certificate-unknown’: Unknown Certificate Response; ‘timeout’: Timeout; ‘fail’: Handle OCSP response failed; ‘stapling-request’: OCSP Stapling Request Send; ‘stapling-certificate-good’: OCSP Stapling Good Certificate Response; ‘stapling-certificate-revoked’: OCSP Stapling Revoked Certificate Response; ‘stapling-certificate-unknown’: OCSP Stapling Unknown Certificate Response; ‘stapling-timeout’: OCSP Stapling Timeout; ‘stapling-fail’: Handle OCSP response failed;

Type: string

Supported Values: all, request, certificate-good, certificate-revoked, certificate-unknown, timeout, fail, stapling-request, stapling-certificate-good, stapling-certificate-revoked, stapling-certificate-unknown, stapling-timeout, stapling-fail

stats data

Counter Size Description
stapling-request-normal 8 Total OSCP Stapling Normal Request
request-normal 8 Total OSCP Normal Request
polling-control-error 8 Total OCSP Polling Control Error
stapling-response-other 8 Total OCSP Stapling Other Response
stapling-certificate-revoked 8 Total OCSP Stapling Revoked Certificate Response
stapling-response-failure 8 Total OCSP Stapling Failure Response
stapling-response-timeout 8 Total OCSP Stapling Timeout Response
stapling-response-error 8 Total OCSP Stapling Error Response
stapling-certificate-unknown 8 Total OCSP Stapling Unknown Certificate Response
response-other 8 Total OCSP Other Response
stapling-certificate-good 8 Total OCSP Stapling Good Certificate Response
response-failure 8 Total OCSP Failure Response
stapling-response-success 8 Total OCSP Stapling Success Response
response-timeout 8 Total OCSP Timeout Response
request-dropped 8 Total OCSP Dropped Request
response-success 8 Total OCSP Success Response
job-start-error 8 Total OCSP Job Start Error
response-error 8 Total OCSP Error Response
stapling-request-dropped 8 Total OCSP Stapling Dropped Request