When you configure OCSP certificate revocation checking, Horizon 7 sends a verification request to an OCSP Responder to determine the revocation status of a smart card user certificate.
Prerequisites
Familiarize yourself with the locked.properties file properties for OCSP certificate revocation checking. See Smart Card Certificate Revocation Checking Properties.
Procedure
Example: locked.properties File
The file shown enables smart card authentication and smart card certificate revocation checking, configures both CRL and OCSP certificate revocation checking, specifies the OCSP Responder location, and identifies the file that contains the OCSP signing certificate.
trustKeyfile=lonqa.key trustStoretype=jks useCertAuth=true enableRevocationChecking=true enableOCSP=true allowCertCRLs=true ocspSigningCert=te-ca.signing.cer ocspURL=http://te-ca.lonqa.int/ocsp