The POST /Monitoring/Revocation/OCSP/Test method is used to test whether an OCSP endpoint
An endpoint is a URL that enables the API to gain access to resources on a server. can be reached. It does not whether the CRL A Certificate Revocation List (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority (CA) before their scheduled expiration date and should no longer be trusted. at the endpoint is still valid or has expired and does not test the delivery of email messages or other workflow A workflow is a series of steps necessary to complete a process. In Keyfactor Command, it refers to the workflow builder, which allows you to automate event-driven tasks such as when a certificate is requested, revoked or found in a certificate store. features for the alert. This method returns HTTP 200 OK on a success with a message about whether the OCSP endpoint was found at the specified location.
Table 539: POST Monitoring Revocation OCSP Test Input Parameters
| Name | Description |
|---|---|
| AuthorityName | A string indicating the distinguished name of the CA. For example: CN=CorpIssuingCA1, DC=keyexample, DC=com Use the POST /Monitoring/ResolveOCSP method (see POST Monitoring Resolve OSCP) with the CertificateAuthorityId to resolve this value. Use the GET /CertificateAuthority method (see GET Certificate Authority) to retrieve a list of all the CAs to determine the ID. |
| AuthorityNameId |
Required. A string indicating the base 64 encoded SHA1 hash of the AuthorityName. Use the POST /Monitoring/ResolveOCSP method (see POST Monitoring Resolve OSCP) with the CertificateAuthorityId to resolve this value. Use the GET /CertificateAuthority method (see GET Certificate Authority) to retrieve a list of all the CAs to determine the ID. |
| AuthorityKeyId |
Required. A string indicating the base 64 encoded SHA1 hash of the CA certificate's public key. This value is found in the CA's certificate as the Subject Key Identifier (SKID). Use the POST /Monitoring/ResolveOCSP method (see POST Monitoring Resolve OSCP) with the CertificateAuthorityId to resolve this value. Use the GET /CertificateAuthority method (see GET Certificate Authority) to retrieve a list of all the CAs to determine the ID. |
| SampleSerialNumber |
A string indicating the serial number of the certificate used to identity the CA. Use the POST /Monitoring/ResolveOCSP method (see POST Monitoring Resolve OSCP) with the CertificateAuthorityId to resolve this value. Use the GET /CertificateAuthority method (see GET Certificate Authority) to retrieve a list of all the CAs to determine the ID. |
| Url |
Required. A string indicating the location for the OCSP responder servicing the certificate authority's CRL that you wish to test. |
Table 540: POST Monitoring Revocation OCSP Test Response Data
| Parameter | Description |
|---|---|
| Success | A Boolean indicating whether the OCSP responder could be reached (true) or not (false). |
| Message | A string indicating a message regarding the outcome of the test. |
An API is a set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. endpoints can be called and results returned. It is intended to be used primarily for validation, testing and workflow development. It also serves secondarily as documentation for the API. The link to the Keyfactor API Reference and Utility is in the dropdown from the help icon (
) at the top of the Management Portal page next to the Log Out button.Was this page helpful? Provide Feedback