spacebar/ocsp-server
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

doc: adapt readme wording and include hint about Spacebar

Browse Source
This commit is contained in:
T. R. Bernstein
2026-04-30 01:31:53 +02:00
parent 520f329223
commit 00ac7628d4
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
README.md
View File

@@ -1,6 +1,7 @@
# OCSPCRL # OCSP Server
OCSPCRL is a minimal implementation of both a OCSP and CRL server in Golang. It provides the following http endpoints: OCSP Server is a minimal implementation of both a OCSP and CRL server in Golang, using a single CRL as the source for both interfaces.
Originally created by Florian Bauer and now adapted for Spacebar. It provides the following http endpoints:
| Endpoint | Description | | Endpoint | Description |
|------------|----------------------------------------------------------| |------------|----------------------------------------------------------|
@@ -10,7 +11,7 @@ OCSPCRL is a minimal implementation of both a OCSP and CRL server in Golang. It
| `/ca` | Issuer CA certificate in DER format | | `/ca` | Issuer CA certificate in DER format |
| `/ca.pem` | Issuer CA certificate in PEM format | | `/ca.pem` | Issuer CA certificate in PEM format |
All what you need is to provide a CRL file, the root certificate and cert/key with extendedKeyUsage `OCSPSigning` to allow the OCSP server to sign the OCSP responses. You need to provide a CRL file, the root certificate and cert/key with extendedKeyUsage `OCSPSigning` to allow the OCSP server to sign the OCSP responses.
When using OCSP, the certificate is checked against the CRL for validity. When using OCSP, the certificate is checked against the CRL for validity.
Synchronization of the CAs CRL is out of scope of this project. You can use any mechanism to update the CRL file. Just notify the ocspcrl server process via `SIGHUP` signal to reload the CRL file. Synchronization of the CAs CRL is out of scope of this project. You can use any mechanism to update the CRL file. Just notify the ocspcrl server process via `SIGHUP` signal to reload the CRL file.