1ocspd.3(3) OpenCA Contributed Manual ocspd.3(3)
2
6 openca-ocspd - OCSP Daemon
7
9 openca-ocspd [-d] [-p n] [-b address] [-c file] [-md digest] [-k
10 passwd] [-i passin] [-e engine] [-r chroot_dir] [-v]
11
13 The openca-ocspd is an RFC2560 compliant OCSPD responder. It can be
14 used to verify the status of a certificate using OCSP clients (such as
15 Mozilla/Netscape7).
16
18 -d detach the main process from the calling process.
19 -p n
21 specifies the port to bind to. Default is 2560.
22 -b address
24 specifies the IP address to bind to. Default behaviour is to listen
25 to every IP available (equal to '*' value).
26 -c file
28 specifies the configuration file to be loaded. Default file loaded
29 is /usr/local/etc/ocspd.conf.
30 -md digest
32 specifies the digest to be used when generating responses. Default
33 is sha1.
34 -k passwd
36 specifies the password to be used when loading the private key.
37 -i passin
39 the key password source. For more information about the format of
40 arg see the PASS PHRASE ARGUMENTS section in openssl(1).
41 -engine id
43 specifying an engine (by it's unique id string) will cause the
44 responder to attempt to obtain a functional reference to the speciā
45 fied engine, thus initialising it if needed. The engine will then
46 be set as the default for all available algorithms.
47 -r chroot_dir
49 Chroot the application into the specified directory.
50 -v this prints extra details about the operations being performed.
52
54 Actually not extensive testing has been carried out, anyway this daemon
55 is reported to work with Mozilla/Netscape.
56 To reload the certificate's db simply send a SIGHUP to the main process
58 ( kill -s SIGHUP pid ).
59
61 openca-ocspd -c contrib/ocspd.conf
62
64 Massimiliano Pala <madwolf@openca.org>
65
67 openca(3),openssl(1), ocsp(1)
68openca-ocspd 1.5.1 2007-04-17 ocspd.3(3)