I am using PSKI 3.2.6.0
Is it possible to check multiple OCSP server addresses to ensure they are working correctly? Here is what we have.
We have 8 Microsoft OCSP servers, named “server1.company.com” through “server8.company.com” sitting behind an F5 and load balanced across all 8 servers.
F5 DNS address ocsp.company.com
Our CA is configured with “http://ocsp.company.com/ocsp” url for OCSP.
I know I can use this to check the response
$file = "d:\TheCertificate.cer"
$cert = New-Object security.Cryptography.X509Certificates.X509Certificate2 $File
$Request = New-Object pki.ocsp.ocsprequest $cert
$Response = $Request.SendRequest()
$Response.ResponseStatus
However, the above uses the F5 address http://ocsp.company.com/ocsp from the certificate. Which is fine, however, is there a way to check each of the 8 server addresses in a script to make sure they are responding?
For example, how can you check http://server7.company.com/ocsp?
Is it possible to check multiple OCSP server addresses to ensure they are working correctly? Here is what we have.
We have 8 Microsoft OCSP servers, named “server1.company.com” through “server8.company.com” sitting behind an F5 and load balanced across all 8 servers.
F5 DNS address ocsp.company.com
Our CA is configured with “http://ocsp.company.com/ocsp” url for OCSP.
I know I can use this to check the response
$file = "d:\TheCertificate.cer"
$cert = New-Object security.Cryptography.X509Certificates.X509Certificate2 $File
$Request = New-Object pki.ocsp.ocsprequest $cert
$Response = $Request.SendRequest()
$Response.ResponseStatus
However, the above uses the F5 address http://ocsp.company.com/ocsp from the certificate. Which is fine, however, is there a way to check each of the 8 server addresses in a script to make sure they are responding?
For example, how can you check http://server7.company.com/ocsp?