How-Tos
Certificates
Validate Certificates
validate certificates check if a certificate expired or not, and more raidiam connect enables organisations to validate server (organisation) and client (application) certificates using online certificate status protocol (ocsp) within your organisation's application code, you can validate certificates using ocsp using popular libraries and tools of your choice like for example openssl or its alternatives validate certificate using ocsp online certificate status protocol (ocsp) is a protocol used in public key infrastructure docid\ ukxpxzgjtt4iswg9nbxe0 to check the revocation status of digital certificates in real time when a client, such as an organisation's client application, needs to verify another organisation server's certificate, it sends an ocsp request to an ocsp responder the responder then checks the certificate's status and replies with one of three responses good , revoked , or unknown this process ensures that certificates used in secure communications are still valid and haven't been revoked by the raidiam's public key infrastructure docid\ ukxpxzgjtt4iswg9nbxe0 or an organisation itself upon receiving a server/client certificate, create an ocsp request that contains the received certificate's serial number send the prepared request to raidiam's ocsp uri if you want to test it manually, you can download one of your certificates and execute the following command in your terminal to get the ocsp uri sample command to get ocsp uri openssl x509 in $path to your cert file noout ocsp uri for quick manual testing, you can use platforms like red kestrel to decode certificates and get the ocsp uri and other information about the certificate raidiam's ocsp responder ( public key infrastructure docid\ ukxpxzgjtt4iswg9nbxe0 ) reads the certificate serial number from your request the ocsp responder uses the certificate serial number to look up the revocation status of the provided certificate the ocsp responder validates the certificate in this scenario, raidiam's certificate validation service is the only trusted location where a compromise to the provided certificate would be recorded raidiam's public key infrastructure docid\ ukxpxzgjtt4iswg9nbxe0 provides a signed successful ocsp response which was signed using raidiam connect's public and private keys docid\ xb31qsym6rjvvzucnk1ex using raidiam's public key, cryptographically verify the ocsp response you received for quick manual testing, you can use platforms like red kestrel to decode certificates and get the ocsp uri and basic information about the certificate