KB Article #101326
DV - How to use Multiple Signing Certificates w/ Different Responders
Summary
The article provides information about Desktop Validators ability to accept responses from multiple responders using different signing certificates.
Details
Desktop Validator can accept responses from different Validation Authority (Responders) using different OCSP Signing Certificate Keys. When a response is returned, Desktop Validator will check its configuration for a matching Validation Authority Certificate. In order for this to work you must have both Validation Authority (Responder) Certificates in the Desktop Validation Default or CA Specific Validation Options.
To configure your Desktop Validator please refer to the Desktop Validator - Installation and Configuration Guide in your Desktop Validator installation directory.
Example using Default Validation Options:
Servers: 2 x Validation Authority (Responders) using different OCSP Signing Certificates
Client: 1 x Desktop Validator Workstation
- Open Desktop Validator UI
- Click General Tab
- Click Default Validation Options Settings Button
- Ensure the Enabled Default Validation is selected
- Ensure the Enabled Default Validation is selected
- Under Primary Validation Mechanism
- Check the OCSP Radio Button
- Check the OCSP Radio Button
- Click ADD
- Enter Address of Validation Authority (Responder) #1 and select Auto configure (or manually input OCSP Signing Certificate)
- Click OK
- Enter Address of Validation Authority (Responder) #1 and select Auto configure (or manually input OCSP Signing Certificate)
- Click ADD
- Enter Address of Validation Authority (Responder) #2 and select Auto configure (or manually input OCSP Signing Certificate)
- Click OK
- Enter Address of Validation Authority (Responder) #2 and select Auto configure (or manually input OCSP Signing Certificate)
- Click Default Validation Options Settings Button
- Click Apply
- Click OK
NOTE: (Settings will be applied and DV will be Restarted)
- Finished!
NOTE:
DV will now accept responses from either Validation Authority (Responder's)
Related Articles
- DV 4.9.2 - Installation & Configuration Guide (Article# 5230)
- DV - How to use Multiple Signing Certificates w/ Different Responders (Article# 5233)