revocation-check ocsp

Syntax

revocation-check ocsp

no revocation-check

Description

Enables certificate revocation checking for the current profile using the online certificate status protocol (OCSP).

The no form of this command disables certificate revocation checking for the current profile.

Command context

config-ta-<TA-NAME>

Authority

Administrators or local user group members with execution rights for this command.

Examples

Enabling revocation checking for the TA profile root-cert:

switch(config)# crypto pki ta-profile root-cert
switch(config-ta-root-cert)# revocation-check ocsp

Disabling revocation checking for the TA profile root-cert:

switch(config)# crypto pki ta-profile root-cert
switch(config-ta-root-cert)# no revocation-check