Skip to content

Commit e5351bd

Browse files
fsrv-xyzfsrv-xyz
committed
doc: add readme
Signed-off-by: Florian Bauer <florian@fsrv.xyz>
1 parent a3bdfc1 commit e5351bd

File tree

1 file changed

+11
-0
lines changed

1 file changed

+11
-0
lines changed

README.md

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,11 @@
1+
# OCSPCRL
2+
3+
OCSPCRL is a minimal implementation of both a OCSP and CRL server in Golang. It provides the following http endpoints:
4+
5+
- `/ocsp` - OCSP responder
6+
- `/crl` - CRL responder
7+
8+
All what you need is to provide a CRL file, the root certificate and cert/key with extendedKeyUsage `OCSPSigning` to allow the OCSP server to sign the OCSP responses.
9+
When using OCSP, the certificate is checked against the CRL for validity.
10+
11+
Synchronization of the CAs CRL is out of scope of this project. You can use any mechanism to update the CRL file. Just notify the ocspcrl server process via `SIGHUP` signal to reload the CRL file.

0 commit comments

Comments
 (0)