Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

This thread was closed and archived. Please ask a new question if you need help.

Can we intercept OCSP URI to our local OCSP server at runtime

  • No replies
  • 1 has this problem
  • 2 views
more options

locking as a duplicate of https://support.mozilla.org/en-US/questions/1165697


Hi, I need one help here. As we know that Firfox support OCSP for certificate revocation check. Suppose if I have CA certifcate of an organization and in that cert in AIA attribute they have setted their own OCSP URI. IS it possible that if we would have CRL file of that CA certificate that will host in my local server, and at run time when certificate handshake will have happen before communication and according to OCSP protocol whatever the OCSP URI is provided in certifcate to check cert revocation online. I want that at run time can we redirect that OCSP call to my local server for revocation so that it wont go the original URI or you can say it should not go outside of my server and it will check locally to my server for revocation without tampering Certifcate OCSP URI. Please help here its really urgent for me to know this and if this is possible I need help in implementation.

Many thanks.

Modified by the-edmeister