As of LCOS version 10.20, LANCOM devices support a server/responder for the Online Certificate Status Protocol (OCSP).
The Online Certificate Status Protocol (OCSP) is a procedure defined in RFC 6960 for checking the validity of a certificate at a central instance. Unlike the method based on certificate revocation lists (CRLs), OCSP does not require the full CRL to be downloaded periodically; instead, an on-demand OCSP request is sent to the OCSP server when the connection is established, which ensures that the information about the validity of the certificate is always up-to-date. Only a small amount of data is transmitted, since only the validity information for a certificate is sent. Compared to the CRL-based method, verification is also faster.
The OCSP server can only be used in conjunction with a certification authority (CA) on the same device (LANCOM Smart Certificate). The OCSP server is not able to provide validity information for certificates from other CAs.
To use the OCSP server with certificates generated by LANCOM Smart Certificate, the OCSP server must be assigned a certificate, and the profile for certificate creation requires a new entry that identifies the OCSP server.
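The request/response exchange and the two prerequisites above can be reproduced offline with OpenSSL. This is an added example, not LANCOM code or part of the original documentation: the throwaway CA, names, serial numbers and responder URL are constructed, and it assumes the profile entry that identifies the OCSP server is carried in issued certificates as an Authority Information Access (AIA) OCSP URL.

```sh
#!/bin/sh
# Added example, not LANCOM code. CA, names, serials and URL are constructed.
set -eu
OCSP_URL="http://ocsp.example.test:8084"   # hypothetical responder address

issue() {  # $1 = name, $2 = hex serial, $3 = extension file
  openssl req -newkey rsa:2048 -nodes -keyout "$1.key" -out "$1.csr" \
    -subj "/CN=$1" 2>/dev/null
  openssl x509 -req -in "$1.csr" -CA ca.pem -CAkey ca.key -set_serial "0x$2" \
    -days 30 -extfile "$3" -out "$1.pem" 2>/dev/null
}

setup_pki() {  # throwaway CA, responder certificate, two client certificates
  cd "$(mktemp -d)"
  openssl req -x509 -newkey rsa:2048 -nodes -keyout ca.key -out ca.pem \
    -subj "/CN=Demo CA" -days 30 2>/dev/null
  # The responder signs with its own certificate, marked for OCSP signing.
  printf 'extendedKeyUsage=OCSPSigning\n' > ocsp.ext
  # Assumption: the profile entry ends up as this AIA extension.
  printf 'authorityInfoAccess=OCSP;URI:%s\n' "$OCSP_URL" > leaf.ext
  issue ocsp 1000 ocsp.ext
  issue client 1001 leaf.ext
  issue revoked 1002 leaf.ext
  # Responder database in OpenSSL index format: 1001 valid, 1002 revoked.
  printf 'V\t350101000000Z\t\t1001\tunknown\t/CN=client\n' > index.txt
  printf 'R\t350101000000Z\t240101000000Z\t1002\tunknown\t/CN=revoked\n' >> index.txt
}

aia_url() {  # where a relying party will send its OCSP request
  openssl x509 -in "$1.pem" -noout -ocsp_uri
}

ocsp_status() {  # prints good, revoked or unknown for certificate $1
  # Client side: the request names only issuer and serial (nonce off: files reused).
  openssl ocsp -issuer ca.pem -cert "$1.pem" -no_nonce -reqout req.der >/dev/null
  # Responder side: answer from the index, signed with the responder key.
  openssl ocsp -index index.txt -CA ca.pem -rsigner ocsp.pem -rkey ocsp.key \
    -reqin req.der -respout resp.der >/dev/null 2>&1
  # Client side: verify the signature against the CA, then read the status.
  out=$(openssl ocsp -issuer ca.pem -cert "$1.pem" -no_nonce -CAfile ca.pem \
    -respin resp.der 2>/dev/null) || return 1
  printf '%s\n' "$out" | sed -n "s/^$1\.pem: //p"
}

setup_pki
for c in client revoked; do
  echo "$c: $(ocsp_status "$c") via $(aia_url "$c")"
done
```

The `openssl ocsp` exit code only reflects whether the response could be verified, not the certificate status, so the status word has to be read from the output as done here.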