Revocation Check - OCSP

Certificate authorities use Online Certificate Status Protocol (OCSP) to obtain the revocation status of x.509 digital certificates. When a user requests the validity of a certificate, an OCSP request is sent to an OCSP server to check the specific certificate with a trusted certificate authority. The OCSP server then sends a good, revoked, or unknown response.

Prerequisites

OCSP URL must be published in the AIA field of the certificate with the AppViewX OCSP server URL.
Plugins required: OCSP Server and OCSP Generator must be deployed for OCSP to work.

You can then proceed to select one or more certificates from the inventory and click Actions > Revocation Check to perform revocation validation. Once validated, the certificate status is updated in the color code of the Common Name column.