DyOCSP is an OCSP responder for private CA, and implementation of RFC 6960 and RFC 5019. The objective is to have a responder with flexible database backend choices.
- Get the latest binary from releases.
- Or pull docker image:
docker pull yuxki/dyocsp:v0.2.6
- Or get the sources:
git clone https://github.com/yuxki/dyocsp
Please try Demo after download.
- HTTP
- PKCS# 8
Documentation is available here: manual
Build and run dyocsp with a demo configuration file, certificate, and key.
- Binary
$ cd ./demo
$ go build ../cmd/dyocsp
$ ./dyocsp -c delegate-dyocsp.yml- Docker Image
$ cd ./demo
$ docker pull yuxki/dyocsp:v0.1.0
$ docker run --rm -v $(pwd):/work --workdir=/work yuxki/dyocsp:v0.1.0 -c delegate-dyocsp.ymlOpen another terminal.
# Request "successful good" certificate
$ cd demo
$ openssl ocsp \
-CAfile ca/root-ca.crt \
-issuer ca/sub-ca.crt \
-cert ca/good.crt \
-no_nonce \
-url http://localhost:9080# Request "successful revoked" certificate
$ cd ./demo
$ openssl ocsp \
-CAfile ca/root-ca.crt \
-issuer ca/sub-ca.crt \
-cert ca/revoked.crt \
-no_nonce \
-url http://localhost:9080