From e5351bd313e043315eb87e092ad4c3542749cc73 Mon Sep 17 00:00:00 2001 From: Florian Bauer Date: Mon, 21 Apr 2025 18:11:06 +0200 Subject: [PATCH] doc: add readme Signed-off-by: Florian Bauer --- README.md | 11 +++++++++++ 1 file changed, 11 insertions(+) create mode 100644 README.md diff --git a/README.md b/README.md new file mode 100644 index 0000000..98b0b8e --- /dev/null +++ b/README.md @@ -0,0 +1,11 @@ +# OCSPCRL + +OCSPCRL is a minimal implementation of both a OCSP and CRL server in Golang. It provides the following http endpoints: + +- `/ocsp` - OCSP responder +- `/crl` - CRL responder + +All what you need is to provide a CRL file, the root certificate and cert/key with extendedKeyUsage `OCSPSigning` to allow the OCSP server to sign the OCSP responses. +When using OCSP, the certificate is checked against the CRL for validity. + +Synchronization of the CAs CRL is out of scope of this project. You can use any mechanism to update the CRL file. Just notify the ocspcrl server process via `SIGHUP` signal to reload the CRL file.